www.viagrarem.com Open in urlscan Pro
2606:4700:3035::ac43:b6d8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cafergotmed.com/
Effective URL:
http://www.viagrarem.com/
Submission Tags: tranco_l324
Submission: On November 27 via api (November 27th 2021, 3:12:14 am UTC) from DE — Scanned from DE

Summary HTTP 172 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 59 domains to perform 172 HTTP transactions. The main IP is 2606:4700:3035::ac43:b6d8, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.viagrarem.com.

This is the only time www.viagrarem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:25f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:8543	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::ac43:d4c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::ac43:b5ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:b1d4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::ac43:8e1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:cae3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::ac43:b6d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 9	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:809::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24 24	2606:4700:20:... 2606:4700:20::681a:70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2606:4700:303... 2606:4700:3036::ac43:c3fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	185.199.111.133 185.199.111.133	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	51.89.99.21 51.89.99.21	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	67.202.114.212 67.202.114.212	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	65.9.71.78 65.9.71.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.35.253.107 13.35.253.107	16509 (AMAZON-02) (AMAZON-02)
4	65.9.71.98 65.9.71.98	16509 (AMAZON-02) (AMAZON-02)
2	45.55.96.63 45.55.96.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
1 3	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
14	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
2	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
2	65.9.71.76 65.9.71.76	16509 (AMAZON-02) (AMAZON-02)
5	63.35.242.195 63.35.242.195	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	65.9.71.11 65.9.71.11	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
6	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
1	104.16.111.154 104.16.111.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.136.198 52.215.136.198	16509 (AMAZON-02) (AMAZON-02)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	52.212.131.178 52.212.131.178	16509 (AMAZON-02) (AMAZON-02)
1 1	34.194.112.31 34.194.112.31	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	216.46.185.183 216.46.185.183	13649 (ASN-VINS) (ASN-VINS)
1 2	3.120.52.200 3.120.52.200	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:24:... 2a05:d018:24:b002:dccc:4b37:dddb:cf1e	16509 (AMAZON-02) (AMAZON-02)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1 1	199.127.207.184 199.127.207.184	26120 (RHYTHMONE) (RHYTHMONE)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2 2	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
172	46

1 2606:4700:3036::6815:25f0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cafergotmed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8543 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.vardenafilev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:d4c7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cialisactivefd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:b5ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.advairinhalers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:b1d4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.personaloanvnz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8e1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.via1buynow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cae3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.abcviag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:b6d8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.viagrarem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.75.88.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:70 (United States) 24 redirects

ASN13335 (CLOUDFLARENET, US)

git.player25.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:3036::ac43:c3fe (United States)

ASN13335 (CLOUDFLARENET, US)

vvvkafasi.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.199.111.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-133.github.com

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.99.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3163187.ip-51-89-99.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.114.212 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.71.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-78.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-107.fra6.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.71.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-98.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.55.96.63 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.83.225 (Beauharnois, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.71.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-76.fra56.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.71.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-11.fra56.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.215.102.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.111.154 (None, )

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.136.198 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-136-198.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.131.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.112.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-112-31.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.183 (Littleton, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.52.200 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:dccc:4b37:dddb:cf1e (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.184 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt-secure.videohub.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com 2.bp.blogspot.com	10 MB
30	vvvkafasi.cloud vvvkafasi.cloud	9 MB
24	player25.xyz 24 redirects git.player25.xyz	18 KB
18	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	17 KB
15	crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	38 KB
8	addthis.com 1 redirects s7.addthis.com m.addthis.com api-public.addthis.com	218 KB
6	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	23 KB
6	gstatic.com fonts.gstatic.com	89 KB
5	dtscout.com t.dtscout.com	18 KB
5	githubusercontent.com raw.githubusercontent.com	25 MB
3	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	1 KB
3	amung.us whos.amung.us widgets.amung.us	7 KB
3	google-analytics.com www.google-analytics.com	40 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	615 B
2	tidaltv.com 2 redirects sync.tidaltv.com	686 B
2	agkn.com 1 redirects aa.agkn.com	741 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 2 redirects pixel.tapad.com	917 B
2	pinterest.com widgets.pinterest.com	435 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	763 B
2	onaudience.com 2 redirects pixel.onaudience.com	800 B
2	bluekai.com tags.bluekai.com	850 B
2	dtscdn.com t.dtscdn.com	812 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	77 KB
2	dmca.com images.dmca.com	3 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	86 KB
2	viagrarem.com www.viagrarem.com	61 KB
1	turn.com 1 redirects d.turn.com	411 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	mathtag.com 1 redirects sync.mathtag.com	647 B
1	adgrx.com cm.adgrx.com	408 B
1	videohub.tv 1 redirects dt-secure.videohub.tv	547 B
1	eyeota.net ps.eyeota.net	344 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	clickagy.com 1 redirects aorta.clickagy.com	673 B
1	krxd.net beacon.krxd.net	338 B
1	sharethis.com sync.sharethis.com	232 B
1	truoptik.com dmp.truoptik.com
1	userreport.com audex.userreport.com	433 B
1	adsrvr.org match.adsrvr.org	265 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	addthisedge.com v1.addthisedge.com	888 B
1	jsdelivr.net cdn.jsdelivr.net	139 KB
1	moatads.com z.moatads.com	1 KB
1	blogger.com www.blogger.com	56 KB
1	jquery.com code.jquery.com	33 KB
1	waust.at waust.at	8 KB
1	abcviag.com 1 redirects www.abcviag.com	813 B
1	via1buynow.com 1 redirects www.via1buynow.com	815 B
1	personaloanvnz.com 1 redirects www.personaloanvnz.com	818 B
1	advairinhalers.com 1 redirects www.advairinhalers.com	824 B
1	cialisactivefd.com 1 redirects www.cialisactivefd.com	824 B
1	vardenafilev.com 1 redirects www.vardenafilev.com	830 B
1	cafergotmed.com 1 redirects cafergotmed.com	822 B
0	clrstm.com Failed sync.tag.clrstm.com Failed
0	survata.com Failed px.surveywall-api.survata.com Failed
172	59

	Domain	Requested by
30	vvvkafasi.cloud	www.viagrarem.com vvvkafasi.cloud
28	1.bp.blogspot.com	www.viagrarem.com vvvkafasi.cloud
24	git.player25.xyz	24 redirects www.viagrarem.com
14	ic.tynt.com	www.viagrarem.com vvvkafasi.cloud
6	sync.crwdcntrl.net	bcp.crwdcntrl.net
6	fonts.gstatic.com	fonts.googleapis.com
5	bcp.crwdcntrl.net	tags.crwdcntrl.net bcp.crwdcntrl.net
5	t.dtscout.com	waust.at t.dtscout.com widgets.amung.us
5	raw.githubusercontent.com	vvvkafasi.cloud
4	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
4	s7.addthis.com	1 redirects www.viagrarem.com s7.addthis.com
3	api-public.addthis.com	s7.addthis.com
3	www.google-analytics.com	www.viagrarem.com www.google-analytics.com www.googletagmanager.com
2	secure.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	aa.agkn.com	1 redirects bcp.crwdcntrl.net
2	dpm.demdex.net	2 redirects
2	loadm.exelator.com	1 redirects bcp.crwdcntrl.net
2	pixel.tapad.com	2 redirects
2	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
2	de.tynt.com	cdn.tynt.com
2	widgets.pinterest.com	www.viagrarem.com
2	cm.g.doubleclick.net	2 redirects
2	spl.zeotap.com	1 redirects vvvkafasi.cloud
2	pixel.onaudience.com	2 redirects
2	tags.bluekai.com	www.viagrarem.com vvvkafasi.cloud
2	t.dtscdn.com	t.dtscout.com
2	onetag-geo.s-onetag.com	get.s-onetag.com
2	cdn.tynt.com	waust.at widgets.amung.us
2	get.s-onetag.com	t.dtscout.com
2	4.bp.blogspot.com	vvvkafasi.cloud
2	whos.amung.us	waust.at widgets.amung.us
2	maxcdn.bootstrapcdn.com	www.viagrarem.com maxcdn.bootstrapcdn.com
2	images.dmca.com	www.viagrarem.com
2	3.bp.blogspot.com	www.viagrarem.com
2	www.viagrarem.com	www.viagrarem.com
1	d.turn.com	1 redirects
1	pixel-sync.sitescout.com	bcp.crwdcntrl.net
1	sync.mathtag.com	1 redirects
1	cm.adgrx.com	bcp.crwdcntrl.net
1	dt-secure.videohub.tv	1 redirects
1	ps.eyeota.net	bcp.crwdcntrl.net
1	global.ib-ibi.com	bcp.crwdcntrl.net
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	aorta.clickagy.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	match.adsrvr.org	bcp.crwdcntrl.net
1	mwzeom.zeotap.com	www.viagrarem.com
1	widgets.amung.us	vvvkafasi.cloud
1	www.googletagmanager.com	vvvkafasi.cloud
1	2.bp.blogspot.com	vvvkafasi.cloud
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	cdn.jsdelivr.net	vvvkafasi.cloud
1	z.moatads.com	s7.addthis.com
1	fonts.googleapis.com	www.viagrarem.com
1	www.blogger.com	www.viagrarem.com
1	code.jquery.com	www.viagrarem.com
1	waust.at	www.viagrarem.com
1	ajax.googleapis.com	www.viagrarem.com
1	www.abcviag.com	1 redirects
1	www.via1buynow.com	1 redirects
1	www.personaloanvnz.com	1 redirects
1	www.advairinhalers.com	1 redirects
1	www.cialisactivefd.com	1 redirects
1	www.vardenafilev.com	1 redirects
1	cafergotmed.com	1 redirects
0	sync.tag.clrstm.com Failed	bcp.crwdcntrl.net
0	px.surveywall-api.survata.com Failed	bcp.crwdcntrl.net
172	73

This site contains links to these domains. Also see Links.

Domain
sshortly.com
whos.amung.us
twitter.com
www.blogger.com
bozguncubetting.com
www.google.com.tr
www.dmca.com
www.marknoack.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2020-03-13` - `2022-04-04`	2 years	crt.sh
*.blogger.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.dtscdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-04` - `2022-12-04`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.truoptik.com Entrust Certification Authority - L1K	`2021-10-22` - `2022-10-22`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh

This page contains 32 frames:

Primary Page: http://www.viagrarem.com/
Frame ID: BB256116ECCE74F80838CC9101285B24
Requests: 59 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/100050bahiscom.html
Frame ID: 889F7AB9EF6CB6E268A36D001521B80C
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890bahiscom.html
Frame ID: 6C37449CBE8543475C16804FDBE4A3BA
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/100050restbet.html
Frame ID: 19E090A169F46EDC7B19A6B33EFF8663
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/100050supertotobet.html
Frame ID: E4EE443CD6338A7EF2952B6D848F89D8
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/100050betistcom.html
Frame ID: D9ECB75259BBFB70977D9F9C15C404D9
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/100050betebet.html
Frame ID: C221C729C7BBBEA638765CB4D23D9DFF
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html
Frame ID: 9FA1B617476679A402E4EF0CADD44300
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html
Frame ID: E6EDA53AEB95D6E4C95D0C1594813F8E
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html
Frame ID: 03CC31045A2AC32DD5392E4F75C7BB0C
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Frame ID: 7174C957346D56474C0C0AFCD4F984AB
Requests: 12 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html
Frame ID: F7ECDB362BA81DAB81E0AB41BD569443
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890supertotobet.html
Frame ID: 259F98DCBF5C88C3CFA10564556EBE8E
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890restbet.html
Frame ID: 648563992EDF827C2FC67699CA0F10CC
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890betebet.html
Frame ID: 2BED771777E8ED259DF5325879813AB2
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html
Frame ID: 2C142FD8A993B7AF20D631A80B167D9F
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html
Frame ID: 0F0C8F9137B3D63754DE0779E47A9B1C
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html
Frame ID: 5B273D7913223C1EB896E278F13EE406
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/live/bein1.html
Frame ID: FD096FE6CEABF32865D11117788A59A8
Requests: 1 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html
Frame ID: B3784C5D54BD9D9A86998B4CD7314DC5
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/live/bein.html
Frame ID: 0B8BABDE3E5B80267EE6C80C3DAD8707
Requests: 1 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/live/yurop10.html
Frame ID: 4C50D8452588E233D7C1EC2B2E17C1BD
Requests: 1 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html
Frame ID: F0B19F59356576B3E98751BB74404AA3
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html
Frame ID: 610B83679894B43268ABB126C4EC9BAB
Requests: 2 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/tablo2.html
Frame ID: E5094EE4388A8CEAFC9EC8A4EFC669D5
Requests: 15 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/kutular/300250onwin.html
Frame ID: 7E4D29ADAA5E8F2AF642FBE6A6658289
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 98A1680AA65689ACA6BC45483E1EE11F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 356DFC005D466D42D80532671149D6FE
Requests: 1 HTTP requests in this frame

Frame: http://vvvkafasi.cloud/futbolcafe/sayac.html
Frame ID: 9EAA82A02A13E94EE23957F175514091
Requests: 18 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01637982727438ECEED5BAF25BF0C
Frame ID: 680E17FC3E3F41679DBE5EBCD51EFB0C
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 6086DDF6F69074AFA61DF1ADF44174E4
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Frame ID: DF8C95448963F1601B6001009489BD76
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Taraftarium24 , Taraftarium 24 TV, Bedava Lig tv izleFacebookTwitterPrintEmailPinterestAddThisFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

http://cafergotmed.com/ HTTP 302
http://www.vardenafilev.com/ HTTP 302
http://www.cialisactivefd.com/ HTTP 302
http://www.advairinhalers.com/ HTTP 302
http://www.personaloanvnz.com/ HTTP 302
http://www.via1buynow.com/ HTTP 302
http://www.abcviag.com/ HTTP 302
http://www.viagrarem.com/ Page URL

Page Statistics

172
Requests

66 %
HTTPS

39 %
IPv6

59
Domains

73
Subdomains

46
IPs

7
Countries

45730 kB
Transfer

47285 kB
Size

42
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://sshortly.com/DCTPQv

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/ligtvmax1/
Title: 147

Search URL Search Domain Scan URL

URL: https://twitter.com/macyayinlari24
Title: Twitter bizi takip etmeyi unutmayın!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://bozguncubetting.com/
Title: deneme bonusu

Search URL Search Domain Scan URL

URL: https://www.google.com.tr/search?hl=tr&q=taraftarium24
Title: taraftarium24

Search URL Search Domain Scan URL

URL: https://www.google.com.tr/
Title: Google

Search URL Search Domain Scan URL

URL: http://www.dmca.com/Protection/Status.aspx?ID=26d56513-4c63-463a-8fac-8572ee067562&refurl=http://www.viagrarem.com/

Search URL Search Domain Scan URL

URL: http://www.marknoack.com/
Title: Justin tv izle

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cafergotmed.com/ HTTP 302
http://www.vardenafilev.com/ HTTP 302
http://www.cialisactivefd.com/ HTTP 302
http://www.advairinhalers.com/ HTTP 302
http://www.personaloanvnz.com/ HTTP 302
http://www.via1buynow.com/ HTTP 302
http://www.abcviag.com/ HTTP 302
http://www.viagrarem.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 14

http://git.player25.xyz/kutular/100050bahiscom.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/100050bahiscom.html

Request Chain 15

http://git.player25.xyz/kutular/72890bahiscom.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890bahiscom.html

Request Chain 16

http://git.player25.xyz/ultra.jpg HTTP 302
http://vvvkafasi.cloud/futbolcafe/ultra.jpg

Request Chain 19

http://git.player25.xyz/kutular/100050restbet.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/100050restbet.html

Request Chain 20

http://git.player25.xyz/kutular/100050supertotobet.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/100050supertotobet.html

Request Chain 21

http://git.player25.xyz/kutular/100050betistcom.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/100050betistcom.html

Request Chain 22

http://git.player25.xyz/kutular/100050betebet.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/100050betebet.html

Request Chain 23

http://git.player25.xyz/poop.js HTTP 302
http://vvvkafasi.cloud/futbolcafe/poop.js

Request Chain 30

http://git.player25.xyz/kutular/72890tipo.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html

Request Chain 31

http://git.player25.xyz/kutular/72890rexa.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html

Request Chain 32

http://git.player25.xyz/kutular/72890betistcom.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html

Request Chain 33

http://git.player25.xyz/cloudbozguncu/god.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html

Request Chain 34

http://git.player25.xyz/kutular/72890tipo.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html

Request Chain 35

http://git.player25.xyz/kutular/72890supertotobet.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890supertotobet.html

Request Chain 36

http://git.player25.xyz/kutular/72890restbet.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890restbet.html

Request Chain 37

http://git.player25.xyz/kutular/72890betebet.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890betebet.html

Request Chain 38

http://git.player25.xyz/kutular/72890rexa.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html

Request Chain 39

http://git.player25.xyz/kutular/72890liderbahis.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html

Request Chain 40

http://git.player25.xyz/kutular/72890liderbahis.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html

Request Chain 47

http://git.player25.xyz/live/bein1.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/live/bein1.html

Request Chain 48

http://git.player25.xyz/kutular/72890betistcom.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html

Request Chain 52

http://git.player25.xyz/live/yurop10.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/live/yurop10.html

Request Chain 64

http://git.player25.xyz/kutular/300250celtabet.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html

Request Chain 65

http://git.player25.xyz/kutular/300250celtabet.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html

Request Chain 66

http://git.player25.xyz/tablo2.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/tablo2.html

Request Chain 67

http://git.player25.xyz/kutular/300250onwin.html HTTP 302
http://vvvkafasi.cloud/futbolcafe/kutular/300250onwin.html

Request Chain 112

https://pixel.onaudience.com/?partner=137085098&mapped=51A01637982727438ECEED5BAF25BF0C HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=9cdd5b810107a327 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=878ed366-b254-475b-4848-087d2dbac59d&reqId=5444953d-02a4-471c-5b6f-fd241edb66fa&zcluid=9cdd5b810107a327&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=878ed366-b254-475b-4848-087d2dbac59d&reqId=5444953d-02a4-471c-5b6f-fd241edb66fa&zcluid=9cdd5b810107a327&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEGaTlc7XZD0noJiYlD-fxqA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=878ed366-b254-475b-4848-087d2dbac59d&reqId=5444953d-02a4-471c-5b6f-fd241edb66fa&zcluid=9cdd5b810107a327&zdid=1332

Request Chain 116

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_h0wb0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_h0wb0

Request Chain 117

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_ldvx0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_ldvx0

Request Chain 120

https://pixel.onaudience.com/?partner=137085098&mapped=51A01637982727438ECEED5BAF25BF0C HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=06ecbf5e0bfec9b4

Request Chain 150

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=7f0b82020fdbd9702fe97a5cda4c84b7&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=7f0b82020fdbd9702fe97a5cda4c84b7&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a8983410-146c-4907-85c9-a78957204733

Request Chain 152

https://loadm.exelator.com/load/?p=204&g=260&buid=7f0b82020fdbd9702fe97a5cda4c84b7&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=260&buid=7f0b82020fdbd9702fe97a5cda4c84b7&j=0&xl8blockcheck=1

Request Chain 154

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=7f0b82020fdbd9702fe97a5cda4c84b7&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=7f0b82020fdbd9702fe97a5cda4c84b7&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=68876635981136717752734493262371695685

Request Chain 158

https://aorta.clickagy.com/pixel.gif?ch=120&cm=7f0b82020fdbd9702fe97a5cda4c84b7 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27

Request Chain 160

https://aa.agkn.com/adscores/g.pixel?sid=9202276048 HTTP 302
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=165010603983000021276

Request Chain 161

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=3f3b052d-02d3-4e36-aecf-2b0688b5428b?gdpr=1&gdpr_consent=

Request Chain 163

https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-2b828ee364a265c478785159ae3d4609

Request Chain 165

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=555f61a1-a208-4700-a3f4-554e3551f7d5

Request Chain 167

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YaGiCQAHj6gOGwAz HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YaGiCQAHj6gOGwAz&_test=YaGiCQAHj6gOGwAz

Request Chain 169

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/7f0b82020fdbd9702fe97a5cda4c84b7/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7920816402890308775

Request Chain 170

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=233505057%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D233505057%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=233505057/tpid=3670496396453617560/tp=ANXS

172 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.viagrarem.com/
Redirect Chain

http://cafergotmed.com/
http://www.vardenafilev.com/
http://www.cialisactivefd.com/
http://www.advairinhalers.com/
http://www.personaloanvnz.com/
http://www.via1buynow.com/
http://www.abcviag.com/
http://www.viagrarem.com/

375 KB
58 KB

190ms
175ms

Document
text/html

2606:4700:3035::ac43:b6d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.viagrarem.com/

Protocol

HTTP/1.1

Server

2606:4700:3035::ac43:b6d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e80d08935a67814241f695a86aaa0ac0fab05f88f9085d971272fe823a30e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Sat, 27 Nov 2021 03:12:06 GMT
cache-control: private, max-age=0
last-modified: Sat, 27 Nov 2021 01:33:44 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elPozLqz%2F%2FoZgw8Z03k%2BKHvsz3XfhGfzeOt2I6kTrC0TXBg65Vr19TK8I2dGuuR6KzESB0362NaT8eijGXwg7XWDudtNlAc65tcCQcdUwC%2FWmm63Mn%2FcdK0OtVqqnB4ydsdV8sKIUjfUqi3sHrcY0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6b482c4508882b1a-FRA
Content-Encoding: gzip

Redirect headers

Date: Sat, 27 Nov 2021 03:12:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://www.viagrarem.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnhrWL2KrxZ9EnqYxiwHZQWH%2BjRxYU53S64dpUujXt0GQcnP7KMz9zWNOZaQbEL6%2BXCk3e1vodi7AItOm4nxpI1ESjKu4gyuDyvUcd5CfT7bY0PcZRG7utE5sB5mLKeAOnParxb7C4tjSnFlQh0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c44db2e435d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
85 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:10:37 GMT
x-content-type-options: nosniff
age: 198089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86351
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 20:10:37 GMT

GET
H2 200 t2424.gif
1.bp.blogspot.com/-DOBmRc78FN8/YUZib3OmKkI/AAAAAAAAH3w/NrV1LidVuRswL0LTukct9P1I_aeReKnMQCLcBGAsYHQ/s0/ 49 KB
49 KB 127ms
38ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-DOBmRc78FN8/YUZib3OmKkI/AAAAAAAAH3w/NrV1LidVuRswL0LTukct9P1I_aeReKnMQCLcBGAsYHQ/s0/t2424.gif

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5985a18268c0ebb932bf079b352fa74a9875342ee6edc881189e44df2077ed4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 00:04:19 GMT
x-content-type-options: nosniff
age: 11267
content-disposition: inline;filename="t2424.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49720
x-xss-protection: 0
server: fife
etag: "v1f7d"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 17:15:24 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

29ms
9ms

Script
application/javascript

104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 27 Nov 2021 03:12:06 GMT
x-host: s7.addthis.com
content-length: 116382

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 taraftarium24.jpg
1.bp.blogspot.com/-y-gGeVBQ9Q8/X1tXxhkosVI/AAAAAAAAHag/-KdaXYT7aAwMeXovB08tDqyXy8hQEvVdQCLcBGAsYHQ/s200/ 13 KB
14 KB 41ms
39ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-y-gGeVBQ9Q8/X1tXxhkosVI/AAAAAAAAHag/-KdaXYT7aAwMeXovB08tDqyXy8hQEvVdQCLcBGAsYHQ/s200/taraftarium24.jpg

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd06b2a60080e41aa21e666ab6a71332123a523cd5f844321de13cac28ae749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:15:00 GMT
x-content-type-options: nosniff
age: 3426
content-disposition: inline;filename="taraftarium24.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13714
x-xss-protection: 0
server: fife
etag: "v1da9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:41:58 GMT

GET
H2 200 taraftarium24.jpg
1.bp.blogspot.com/-xoy4mD6TnUI/XKfllx5cAYI/AAAAAAAABbY/UogWvedPD1gpjz4i55WkQ7Wzvv7Zpz8ggCPcBGAYYCw/s200/ 14 KB
14 KB 50ms
47ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xoy4mD6TnUI/XKfllx5cAYI/AAAAAAAABbY/UogWvedPD1gpjz4i55WkQ7Wzvv7Zpz8ggCPcBGAYYCw/s200/taraftarium24.jpg

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

739431390f2b34dd5f5fa3de347b2c1e9a5d7d524634913467c0828dcc6336fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 00:20:45 GMT
x-content-type-options: nosniff
age: 10281
content-disposition: inline;filename="taraftarium24.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14297
x-xss-protection: 0
server: fife
etag: "v5b6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 08:13:36 GMT

GET
H2 200 taraftarium24.jpg
3.bp.blogspot.com/-xoy4mD6TnUI/XKfllx5cAYI/AAAAAAAABbY/UogWvedPD1gpjz4i55WkQ7Wzvv7Zpz8ggCPcBGAYYCw/s200/ 14 KB
14 KB 56ms
54ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-xoy4mD6TnUI/XKfllx5cAYI/AAAAAAAABbY/UogWvedPD1gpjz4i55WkQ7Wzvv7Zpz8ggCPcBGAYYCw/s200/taraftarium24.jpg

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

739431390f2b34dd5f5fa3de347b2c1e9a5d7d524634913467c0828dcc6336fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:10:46 GMT
x-content-type-options: nosniff
age: 3680
content-disposition: inline;filename="taraftarium24.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14297
x-xss-protection: 0
server: fife
etag: "v5b6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:41:58 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ 13 KB
8 KB 33ms
16ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2753
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 03 May 2021 17:48:53 GMT
Server: cloudflare
etag: W/"60903785-3444"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2jd6VzoupBEQH1qAJtiUw%2Bsjic%2FYo7E3zxuoFXvlrK%2Bxu3rOrBv1GteJf3Y6AXxR1tMXiHHWs%2B0uAC8qgpKh8ugnVe5wiiVTmyb9ycjSOVi%2FylxMROsTHQfOrBzY66r6WRK2IVs"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 6b482c485db95c2c-FRA
expires: Sun, 28 Nov 2021 02:26:13 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 56ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: W/"573f46fe-17b8b"
vary: Accept-Encoding
x-hw: 1637982726.dop241.am5.t,1637982726.cds256.am5.hn,1637982726.cds302.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 dmca-badge-w100-5x1-11.png
images.dmca.com/Badges/ 2 KB
3 KB 25ms
8ms Image
image/png 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=26d56513-4c63-463a-8fac-8572ee067562
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
server: nginx
x-powered-by: ASP.NET
etag: "70d0a63aace6d11:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/dmca-badge-w100-5x1-11.png>; rel="canonical"
content-length: 2390
expires: Mon, 27 Dec 2021 03:11:57 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
633 B 27ms
8ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: nginx
x-powered-by: ASP.NET
etag: "26b181f16d28d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 280
expires: Mon, 27 Dec 2021 03:11:34 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.viagrarem.com/js/ 6 KB
3 KB 20ms
18ms Script
text/javascript 2606:4700:3035::ac43:b6d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.viagrarem.com/js/cookienotice.js

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

HTTP/1.1

Server

2606:4700:3035::ac43:b6d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
Age: 16905
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 2026
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 20:50:04 GMT
Server: cloudflare
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 6b482c484a992b1a-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 03 Dec 2021 22:30:21 GMT

GET
H2 200 3630122430-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3630122430-widgets.js

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c59da935f7b14f6718b1592f7d0f2992486b7fb28258047a0a05023d5d6785db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56956
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 00:52:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 24 Nov 2022 02:07:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9d622b86d8469f47f57cc198a2a6e6b8a60196f9ad80fdece59a8a9b7e5d963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 02:22:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 03:12:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 03:12:06 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ 28 KB
7 KB 37ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 718
age: 21469182
cdn-cachedat: 2021-03-11 11:58:37
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 739ff5317e853965944fd246789e3b16
cf-ray: 6b482c485a6a6909-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

100050bahiscom.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 889F
Redirect Chain

http://git.player25.xyz/kutular/100050bahiscom.html
http://vvvkafasi.cloud/futbolcafe/kutular/100050bahiscom.html

350 B
1 KB

34ms
22ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050bahiscom.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5a3050f58ca2c052f38fa7bafa204b7285c0ad72cf897f1632784b5a0c41d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:13 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1040
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bwDfqomBSDLjeY08QHWdlAtN2VtQE3%2BJ%2FL3tBxUL%2FCGeMjHNdte8wuy2OUD6aRE1z1NOciqy7cWUUz%2FxyRJBsub%2FTvutgSyRBMvsoT%2BmcLJzH90BU%2BcW1cePxCVqaSqIbsNYRENcHsnD0Z3vgU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c488ea44e49-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/100050bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBP8BW8sBoYR4sVRntV5ywYR8Tl4TMKsEHGcmu1TlOPgH6mVN656GwYaq9wqT%2BahqCT5L0NR5ysKUJoofBdSlCgdCvwr5LckRHcxlMN8tcpCdwyYgPyjz3ciA9WnP2ZlQWOH8o%2BDcTETquZXjNs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c485f144e0e-FRA

GET
H/1.1

200
OK

72890bahiscom.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 6C37
Redirect Chain

http://git.player25.xyz/kutular/72890bahiscom.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890bahiscom.html

352 B
1 KB

39ms
23ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890bahiscom.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81624e91d2552c17ce5b56a62626870c11ef9b3906d1347ea8bce6bf78e0611a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:16 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1040
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQ9m%2Faw1Ktn7aIBqLgI3W1ZhmpXzBJnq2UMpqCZcQDW5RXhoFlNKhfuwPjd7bN67g1P%2BqngOpzaH12I2u2CZ1cIMRDlmd5FBX3BCOZY4pbkiTUAYctpKCw7xf8YeEfNgs%2FHAhwHJsB4%2FNLXr%2BOs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c488bd03260-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOmtgFHn%2F0JCzvgF8sqljevmJHTKNM%2FZsAh1B82uCw%2FxSQHVsiJDy88uev5lcPoAXXJkzPzJA7f0uSJ6qIF7gdc0X4VYwI0BTLKGmD83qF0Q1uBmb4qqorco3ErsZUL6PcLwj8Tllnc690i5NS8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4859cf4db8-FRA

GET
H/1.1

200
OK

ultra.jpg
vvvkafasi.cloud/futbolcafe/
Redirect Chain

http://git.player25.xyz/ultra.jpg
http://vvvkafasi.cloud/futbolcafe/ultra.jpg

81 KB
82 KB

35ms
22ms

Image
image/jpeg

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vvvkafasi.cloud/futbolcafe/ultra.jpg
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d82f72ca5fd5fb17d58affef475fde8c8b26cb720c3d256f66143437ed5a09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1900
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 83345
last-modified: Fri, 26 Nov 2021 17:08:51 GMT
Server: cloudflare
etag: "61a114a3-14591"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhsK3K9IxKCenawQdtOgqWJoSCDuhP28VXXVD4ogydHM25NIaEPnMnldRlt5lcqjTFf7UmYpceXmp1wz6STpKzNePYIH0rhtT6qvpQbOYEQjeaCtRlzYKte8ixRJz8wOmYoMpVmWM8SWVvJ%2BcOA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
access-control-allow-origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6b482c488e23692b-FRA

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEteRDXfrXCRH%2Fn8LPBlm51DMlHNeR0C12asRYzF1b3v%2BJL5kSebkhCn%2BMN0AojhL1WExyBS6dDFaFtpLDhna8VKhOjnHzuDGJoYI09qVhCznYUr5MaXlxW%2BrmJPXznNKLdQoI1pRC5ZrthHRPM%3D"}],"group":"cf-nel","max_age":604800}
Location: http://vvvkafasi.cloud/futbolcafe/ultra.jpg
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6b482c485d5fc2ae-FRA
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/ 69 KB
70 KB 27ms
16ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/fontawesome-webfont.woff2?v=4.6.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Origin: http://www.viagrarem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722
age: 17002
cdn-proxyver: 1.0
cdn-cachedat: 11/02/2021 23:29:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70700
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 264edb6349236bfdaa18fccb949dd9ff
accept-ranges: bytes
cf-ray: 6b482c48ab454e50-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 38ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=56213
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1

200
OK

100050restbet.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 19E0
Redirect Chain

http://git.player25.xyz/kutular/100050restbet.html
http://vvvkafasi.cloud/futbolcafe/kutular/100050restbet.html

340 B
1 KB

16ms
16ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050restbet.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291d4a5613f03360fb3b8c02f67bb529f65118d1b4916ca2466901fe54a7abd9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:14 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 708
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Yos7SfACIKJ%2Fazkg4DpaUzgzZACdnW2BhoN7EEhsbnbfSz3Yscx0AvHhCQ%2Fg18Pu6qC4iDxs9lni%2Fd186t5ImiDLmATHv6JLdfjyIktRZsBgaUW1btGxsNBIT6eavMd4PVcV7Nr91h2mTeh%2FKc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c490c103260-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/100050restbet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BMIKdE0OfbL%2BaKv1lwD1rsPaJbFEH5ga%2Frxzq2m2gpdCqI6bnn2M8KjliLq8us64if9L7IgBiRnmFPZDMviUPlB8ETz4D2yaFv%2BlJNVXs%2FoT1wkBolhBWICcRQQMkYS98MrghxtV55LrcusXsM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c48ff904e0e-FRA

GET
H/1.1

200
OK

100050supertotobet.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame E4EE
Redirect Chain

http://git.player25.xyz/kutular/100050supertotobet.html
http://vvvkafasi.cloud/futbolcafe/kutular/100050supertotobet.html

292 B
1 KB

15ms
15ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050supertotobet.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f763dcd7c0590ce397a900595f2eac9f0a177f92033ed3903d52f364c21195

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:14 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 911
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZNFfQ9Jmu0d4mDxgVeW3%2BP%2B5t3w3TeUHz5ze5fdXUYGd%2FnVDXjoMHJWL9a2EHWtbkmMx0Bl1RMIyJvPWce1CCzJBzvsa4nH0uxZnMku6fcf5ee5kO%2F5aiB7HKAUIj7I2GK5fQpf6J5FJ3Z%2FZEY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c490ebc692b-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/100050supertotobet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6KTNqARA4Lp60S2O8%2BAowI1VxZRHjZNf3CdjfhgHwsS4cAIXoTF4MUanHOoiEuczEw2GiV97mSaLDx3oI%2F43uFFw3pWZ8ghjkoN117UYi6m2ikgXZkPKnneovOsB7vCyTdX9PtZTlk4o8%2Bs%2F0U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c48fa3a4db8-FRA

GET
H/1.1

200
OK

100050betistcom.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame D9EC
Redirect Chain

http://git.player25.xyz/kutular/100050betistcom.html
http://vvvkafasi.cloud/futbolcafe/kutular/100050betistcom.html

255 B
1 KB

11ms
11ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050betistcom.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eefa96a1c11a1e01e14761de828dd52922af9fe94e74c3ea6d944d00bd3e7c6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:13 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 911
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkrG9SUsEwP0hs1lgonws%2B7y15TrWOMAoX7j%2BhGQscbgneeakcmshV1WyfDLhzSOASN64I7FIBqyrkLto2X2d3rJn6mjeJ5MHpfoopZDAHZbNtACAJZdssIxHUfcxj9%2FI2jqdaXd%2Fbx7XK%2BVC1g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c491f394e49-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/100050betistcom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeYjzwgAp1tKFGW3F7wAX7D%2FYwBDBbfjv7IrsaKQ10isEz9vIAMyUHnT%2BsHocLRIXYeLoWmcSMYQMwmS%2FynFfvytXlse%2Bw6ODhDfR1zrMQZ7%2B3PcWMKXdsTz6nc9eui9UPZ6f%2FnSuGy5%2FTGhtcs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c48f9ed4eeb-FRA

GET
H/1.1

200
OK

100050betebet.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame C221
Redirect Chain

http://git.player25.xyz/kutular/100050betebet.html
http://vvvkafasi.cloud/futbolcafe/kutular/100050betebet.html

248 B
1 KB

12ms
12ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050betebet.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8cd6b2d06bc66636e694d672c771c23b684f104780e29fc78897d77d8ec9d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:13 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 911
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo%2B28d18NKOspylYejGCrfLhBzvMPVpeiKuK42jSWVh%2FP7i3dPmrVX%2F6cePYSwiom9tk5a7oOqGAeO%2BlccKcBf2iCsZFpPXQVhqZCyagzPq1N3zTzydRZcE%2Bz34RUgMUbItzo0cNdoPRVxSyWfc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c492c193260-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/100050betebet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8dW95ze5L4%2BMzlAncyLFSvPVL1m2hSn2Zu0zng78Bn7dEePLuMfmX8U0oiPz6aNkyZRPSwv%2Bzl5BxEmAO1qmHjgY5OWlLIWBZhYjkDfoSx8%2FMRjqPeartLCa2zEL%2BQYHLgreyq1LNtQTxmM%2BD0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c490b7a5c08-FRA

GET
H/1.1

200
OK

poop.js Show response
vvvkafasi.cloud/futbolcafe/
Redirect Chain

http://git.player25.xyz/poop.js
http://vvvkafasi.cloud/futbolcafe/poop.js

1 KB
2 KB

12ms
12ms

Script
application/javascript

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/poop.js
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced442e95537f5b3c6548ea7b4f8e22737cb1ae5caf3acaa51ec74fa9195f0a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5399
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 17:08:51 GMT
Server: cloudflare
etag: W/"61a114a3-5e1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCMyj05PWn1mNMTcu9qOM2srddpNY5MAJ4QDApq6G6drcVWxhcLRzlAnZHKfnj9gQbIu0t91gIH1o8gCKCyvdZh19kZaAaqEWty7Ufl9kReF6PMnXJB7TXGGxou7WNoJTbxSVYu7fA%2FzsMDc3Qg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-RAY: 6b482c492f584e49-FRA

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLcSHi0M5BlX27gMjSMGs47zqqf8TiSH6haRguDWWckZoj0IsuoOqIZA2crzdLkGb2WOHpPV0pi1efsPMqAQUC2b9CGqQINh5mFRNCcFLXILGTBUqm6hCYwGGALz5X55yit2mNmj5UkXAIJOZHE%3D"}],"group":"cf-nel","max_age":604800}
Location: http://vvvkafasi.cloud/futbolcafe/poop.js
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6b482c48fdd3c2ae-FRA
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 1000elli-min.gif
1.bp.blogspot.com/-95oh5_SkCJE/YT3-mA9TavI/AAAAAAAAH3Q/GG3b53uTmak53vSXq22MTWnXgyPymhRhgCLcBGAsYHQ/s0/ Frame 889F 504 KB
504 KB 39ms
38ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-95oh5_SkCJE/YT3-mA9TavI/AAAAAAAAH3Q/GG3b53uTmak53vSXq22MTWnXgyPymhRhgCLcBGAsYHQ/s0/1000elli-min.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050bahiscom.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a33a72bb693a439fd43c49560204b82692ac53260c87bd037aad2199d2725cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 00:09:03 GMT
x-content-type-options: nosniff
age: 10983
content-disposition: inline;filename="1000elli-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516161
x-xss-protection: 0
server: fife
etag: "v1f77"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 18:15:56 GMT

GET
H3 200 728doksan-min.gif
1.bp.blogspot.com/-tmdkKg1QdAg/YT3-mW1a86I/AAAAAAAAH3Y/1bR8V41yZy4rRQDe5tfCj8IQdvAvl6MDgCLcBGAsYHQ/s0/ Frame 6C37 700 KB
700 KB 42ms
40ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tmdkKg1QdAg/YT3-mW1a86I/AAAAAAAAH3Y/1bR8V41yZy4rRQDe5tfCj8IQdvAvl6MDgCLcBGAsYHQ/s0/728doksan-min.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890bahiscom.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

461bfca3168213eb5c5606abc0b3da8b9d3cbd6b911881ba53ae7fc156cf13c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 00:09:03 GMT
x-content-type-options: nosniff
age: 10983
content-disposition: inline;filename="728doksan-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 716810
x-xss-protection: 0
server: fife
etag: "v1f79"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:27:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 203ms
103ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.viagrarem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 206147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 142ms
45ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.viagrarem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 48738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:39:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 181ms
87ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.viagrarem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:18:23 GMT
x-content-type-options: nosniff
age: 366823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 21:18:23 GMT

GET
H2 200 binellim.gif
raw.githubusercontent.com/mugeanlim/atv/main/ Frame E4EE 522 KB
523 KB 29ms
8ms Image
image/gif 185.199.111.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/mugeanlim/atv/main/binellim.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050supertotobet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-133.github.com

Software

Resource Hash

e0d53555fec85575b4a9c4a395c4033aeb6fe3fbc205747f9dd26ed831518410

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 70aa0d4c1d65c7eae5cb8f3c1884531531f81970
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 2
vary: Authorization,Accept-Encoding,Origin
content-length: 534271
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4073-HHN
x-github-request-id: 73B4:B494:1228C4:133D24:61A0FDE3
x-timer: S1637982727.659882,VS0,VE0
x-frame-options: deny
date: Sat, 27 Nov 2021 03:12:06 GMT
source-age: 255
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=300
etag: W/"7bfa62f186021081df05bc55f0a552e7fd0ff4f8e86bc404b2795e3b37b97fb1"
accept-ranges: bytes
expires: Sat, 27 Nov 2021 03:17:06 GMT

GET
H/1.1

200
OK

72890tipo.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 9FA1
Redirect Chain

http://git.player25.xyz/kutular/72890tipo.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html

356 B
1 KB

16ms
16ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44bb446494a072d40152a83e79d25798aacf4e357ad9d0c7dd8edade64f350e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:17 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 911
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjJWgsIvBduvq5K%2B6kDN17E040Epv32oIDvLP7ZMn4NmFGEWJMQ6HUceblvgr9PRJZkT6sznavWR7sHYQ6HNk43DpvQ1WpMsBMQYciqEzOEbkklsoSyicu99tyFfNZ7qCkm3C6ofyMRpGcAKrZk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c499c593260-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJ%2Bn9kMCcRX2C%2F9jow4wjffoBLKb%2B44CnT%2BEr14fcKL7CMR%2FO1Dkhv%2FUMmBgbTsLQCD3Pznxyg1azbR%2FV7elwvdrcIQWKWtyhjJ52ZChKaNfOjGSgoZjJoXjHbja82vXfFytnNT%2FvWYDYS%2BPMjw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c498e20c2ae-FRA

GET
H/1.1

200
OK

72890rexa.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame E6ED
Redirect Chain

http://git.player25.xyz/kutular/72890rexa.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html

299 B
1 KB

28ms
22ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee470a3afe3dac0b505d7c22d0507b8bc4d641411714381a13ff246b9be2f885

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:17 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 911
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvhtffJ889UZ1bZQ%2Bejo2M3zJOhOOdDX%2FP5JfiCwF2EYbkGJ9q9juh4edfTD5I1aaRKI0kh335iVqvXDkXY4AkMQ7NV84wYjKq%2ByP%2F0HZcn%2BHbtEX0h36D%2B1L4FJG2uObCsAT%2B%2FCvp2PaoxLWnM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c499bd10631-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asR%2BMUiBW%2BKhDaanFx7wCFQgqwa%2BhqYafO%2FUYOcTs98jp8w6eXECA9%2BfQkhydqqfpecbz%2FMuAUyYpJh0lC5U9k2vPQhvMkrOEFO9w%2BZTYoJp3qiUXBKX0SUK%2FGlmHKfhA1Oc6sEYVzzeJ%2FmQPoE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c498c715c08-FRA

GET
H/1.1

200
OK

72890betistcom.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 03CC
Redirect Chain

http://git.player25.xyz/kutular/72890betistcom.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html

261 B
1 KB

11ms
11ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 200eb26540915e9089a970a62b387866ab63b142699d3abc7e5c465af60e3fb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:16 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 938
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzS4QqADKBwKmgbf1OQhZ%2FowP8eXyCWPtyBE4TuSeb8TiONx%2Bh%2FPhPUTuUo4wQ6PiqIoI7%2B7VYTxLXXQZRsfZlCScLzf7CLPBg0bjsYmcaV5HFR3%2BwCb6CYOlMYZSpgFTlDoP6%2BeLv2gVYJaYrY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c499f52692b-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4CmhKXGnPSUN76jSuTqZpGxDLT7untbwAzsqSr4MXAbxNxK7QXEVOctTRJionnxfJgtBHoTPS0gEkiBDAnqxSbpiQKOsaUobM4pEb5JIeXMfBGoWpdD%2BDggmHUuo6YtCuySsowwprkF%2FoGpXQ8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c498aa44eeb-FRA

GET
H/1.1

200
OK

god.html Show response
vvvkafasi.cloud/futbolcafe/cloudbozguncu/ Frame 7174
Redirect Chain

http://git.player25.xyz/cloudbozguncu/god.html
http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html

4 KB
3 KB

34ms
27ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358f20eb35a83d3cb288a06b0f3db5c02edd63438d39c96ef69feef3d2df8da6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:00 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 669
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgqvanr6esRJJxN9fnc%2FTQT%2Fc98TPmyyYHTWbPXcVNsZBEw5Ey82A%2Bb6grj2rbm1I3zSwxhFCshquE%2BznHcYsym73Jf4iWxFRAzQM7KbCS49pxi2KBDTOJb91XLegYvsQ7IPqv7%2BnFrAsm0kviM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49a8055b5c-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVx7Di0anPmoqsbPEQ85D0pzwb95K4oKBFgwpWU%2Btb4BKJYvjMVlJRvHKh9%2FTt4zYfa%2BqYrb3evH6cT5j1%2BWTh%2FWvmEDH9quAflNqJT7Ts7olyEha%2FaChXAAl5gVQR%2FnRzeO%2Bx%2FHqzR9uPJwv4A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4988144e0e-FRA

GET
H/1.1

200
OK

72890tipo.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame F7EC
Redirect Chain

http://git.player25.xyz/kutular/72890tipo.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html

356 B
1 KB

40ms
34ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44bb446494a072d40152a83e79d25798aacf4e357ad9d0c7dd8edade64f350e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:17 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 911
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGrthRUZA5z9ZXYdbBP%2BGmXleSQHXMzbnrX3BoO6fAjtPK9dnDTPrMcXeXGj98SApEYLDIgxcDZZHoyzeTo6ouIpZGMzmr8pwVrksSCkNj7%2BJPzOvJlzacDjUXWuAzEKl2N6%2Fdpu8Su52tFDQ20%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49aa172b41-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuMhtuFN4BYOgC%2BqZsWtkg5SWhmTjk41WW6he2uB4mdUinM2VJ%2FlxTy45s3%2BQXVWIV5cfd%2BnSodgAzXXlne4ZdDZxoPvRQZkKiY%2B8PMNe%2FvKbO1of07TiYTgkT7cLQ%2BXGMmvSbK2E2Yq5Ef%2B%2FHo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c498ac14db8-FRA

GET
H/1.1

200
OK

72890supertotobet.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 259F
Redirect Chain

http://git.player25.xyz/kutular/72890supertotobet.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890supertotobet.html

290 B
1 KB

40ms
21ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890supertotobet.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e09310182015f9c19d5f5424cb0626b13fae231ef7fe198730a387dd989cac9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:17 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 938
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UJPYFOftsPYR0IQDmQHcKakXgSHp83XGk9BjJf2iBYf5l6KMfEhcAT1x2pCML1c8Fgeb76uNjxS%2FPUUzFxXq5aqCYA2gqI8Q4wXLxxt3e59J4jx8TOlkOskrgSEoRT8V2HkcG2t5TpVoKN9ZI0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49c8b75b5c-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890supertotobet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hR9oIvjqvii6FFH7h6N9kG562f7tX346KHaKXI9wbgbWSwORH7OD6XA8kLt6qqhkqqM86u1rSg67Rqz2HCll4bQ6On56%2Fh1v1ivKXV9Tx%2BIiwu8pHQR90Up8BIRe3XQcviPMhnS%2FbL5YDFZYjA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c499dd42c3e-FRA

GET
H/1.1

200
OK

72890restbet.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 6485
Redirect Chain

http://git.player25.xyz/kutular/72890restbet.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890restbet.html

350 B
1 KB

36ms
32ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890restbet.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08a02dcd9ffae68ebb65b4a3735759aee3a370b0daffbed715699a971de7bdb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:17 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 708
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fs5%2BhMCgEloeq8qQQICrcGGChap2KGmUj97e1Bu3wP7ZTG%2B8lklCItWtdIJr8H%2Bcg6t5ANs6O%2FQy5WBJKZ8aOxosUPOZoYBXcCDHXjiYXluuMJGit7d1TEPbVAGw%2BbrCRAridh%2F1rDfjpTPxWaA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49bc6c3260-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890restbet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zy1BP94zSJSSIshJGnMorHeOZp5p%2BlN%2F6czUf0YTs5PfWRIgIh8CbYW01k74FY4sszWItAWqD1OwMXsXZEsqrXCsHEs%2Box7aTPaanRlKC5P4EaXBzFbTUD1p5%2FxTErIaI8T3Im%2BxIcK1oz3IJ8g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c499e2fc2ae-FRA

GET
H/1.1

200
OK

72890betebet.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 2BED
Redirect Chain

http://git.player25.xyz/kutular/72890betebet.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890betebet.html

249 B
1 KB

49ms
17ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890betebet.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eced6b6ab8df866ccaf3604754c65045cc458b44486493794b08c2b12b94de3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:16 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 911
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zh9dTBrc%2BJwrz13%2FxD7CXNjC4mNMxHAphJlY4xRSe1UMwD4OkgeAc%2BZPNeWxbDuJPTHfHoHrHtcrcOQOzGw52L7ODVLdLMZortXZRxF5WJb%2BTEUhT%2BAPLs8Y4HHiOA1pMrCHnNcAXMwM9nfHZ9k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49ec813260-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890betebet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejKTqmdfcN3vk5pCoWXLx1%2FHWjGWm7j85d%2BYtSuoW9tQbDvIshhfkC5u2lxvL6YE%2BCkkSILogykcJLUDY7%2Fm0LUeKpCaUx8%2FrWEc28WNCYq2RFxt5sBgwYdJhKhg2z9h1c94pjKIinrUvjGgvFo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c499ab54eeb-FRA

GET
H/1.1

200
OK

72890rexa.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 2C14
Redirect Chain

http://git.player25.xyz/kutular/72890rexa.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html

299 B
1 KB

47ms
19ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee470a3afe3dac0b505d7c22d0507b8bc4d641411714381a13ff246b9be2f885

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:17 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 911
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmsetuaFJ6PWOIGu9XflmWbMqkvHgNqdeDFy1afW1fjJ7uFUXt82CYuvmYUek5zfTWs1oTqSbmXGAtQoFNr1LfuOGTl4GsnyOr9WVSyjrQxXYt%2FmjcwzsTXMKyYszWBT66WsWulU%2FvOrtkDiwUg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49da422b41-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vugtpzskF4uGbLv7Q4PTrwLom8gWY68JZzkGPD%2BxADUzurCn2JiOAm3ToxiandLkEsyPVvgmWdzOwAFDS%2F3kJMgwBjP4aVMNS9g6pnxgzD3H4NTID6osVbbAfwk3UfmmaRr8M6U%2FfXxGnXHVoLE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c499c9e5c08-FRA

GET
H/1.1

200
OK

72890liderbahis.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 0F0C
Redirect Chain

http://git.player25.xyz/kutular/72890liderbahis.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html

350 B
1 KB

37ms
21ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 389c9480ba45a199bed640f4aec9503acdafe694c72a69be3f5a66e42972a6d7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:17 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 669
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5f8V6YiHrk0k153B4EtsNZTM2gh8yoA0zxwYk8sf4Ch%2FMx%2FJhMH7qVgjQ%2BGdxcJqf%2BC9SWrvn0cv0suJfc7%2FqYtSr%2FhNoUDMhOVxqw9UFE9vG4xsXQeRTonPbh1%2FXmdmijdNzc%2Fd8ZQGpMZ8sA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49cbf10631-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zOCs6MitkIBhuNBKZcyrLbrEjYUPBS92%2BGKTZG%2BNiQG6R0wm6ijGCT5fDkeUeA7rXQvcC98ekdov2zr3vkXeBSzAHS0Nzgoagkh0V7Dl2u58aEWjezqFJer%2B6ARozr%2B6wloXNxxkfTXD1Q21JA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49981a4e0e-FRA

GET
H/1.1

200
OK

72890liderbahis.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 5B27
Redirect Chain

http://git.player25.xyz/kutular/72890liderbahis.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html

350 B
1 KB

52ms
17ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 389c9480ba45a199bed640f4aec9503acdafe694c72a69be3f5a66e42972a6d7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:17 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 669
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40VFjgaNOBxnflQ68G5coR2zFYcDryd%2FdUbJTt7ypVzN%2FVqZ8ATH873GA%2BlLPiuc34EgBPFhN2SG941uumbhIUO7VdP1OGWJgNc8nZmtrHW1no%2BvsvfBxaN2nTykHTzOfcok60%2BiwaueaECxpkY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c49ec0f0631-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQB1bQMSe3R%2BYqmlPwVBqgYh5mqU3UPJpWdf5zWa%2BjAxwcQYbEAriAZ6VWjhcKXJ3GuYcC1JqkOVBWUxkjAE8Fhf6HX6smQG3dh6%2FBLmHk0%2B3xhisbsjnKjAPb7sbbvrIc0j%2FM64ZNU%2FrtEx6OE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c499acf4db8-FRA

GET
H3 200 bineli.gif
1.bp.blogspot.com/-A53BJqo20ic/YPbUsGC0f-I/AAAAAAAAHyo/eD2b3DNmoT8Xjr2flSgHaHih95T4eUMIACLcBGAsYHQ/s0/ Frame 19E0 233 KB
233 KB 77ms
77ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-A53BJqo20ic/YPbUsGC0f-I/AAAAAAAAHyo/eD2b3DNmoT8Xjr2flSgHaHih95T4eUMIACLcBGAsYHQ/s0/bineli.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050restbet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f48b59a1640f4aca9db88b921426d81b03eee4621c977fce76f5e075ba2f1ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="bineli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238767
x-xss-protection: 0
server: fife
etag: "v1f33"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:35:36 GMT

GET
H/1.1 200
OK binelli.gif
vvvkafasi.cloud/futbolcafe/ Frame D9EC 781 KB
782 KB 13ms
12ms Image
image/gif 2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vvvkafasi.cloud/futbolcafe/binelli.gif
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050betistcom.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf05d8c2f87ceca048ad17e3fc3f3f6d81b42af0ac379b89bb18813adc23ddc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/kutular/100050betistcom.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2314
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 799656
last-modified: Fri, 26 Nov 2021 17:08:52 GMT
Server: cloudflare
etag: "61a114a4-c33a8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAM1BXm4R3NtrgikKkGgPnX9RnQuzynmHtwa%2B0iYIDNlh6wKRScSrZPlzc69jaUEkDrl8tkkUjJKrHAPal7qVHwn%2FOuT9%2Bnv6TO%2Bt9L7IMpBSeGnrFGmK%2B7%2FBa34CrXZhkPh9Fly6%2F9PEVC%2Bbec%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
access-control-allow-origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6b482c498fac4e49-FRA

GET
H/1.1 200
OK btbt.gif
vvvkafasi.cloud/futbolcafe/kutular/ Frame C221 3 MB
3 MB 30ms
23ms Image
image/gif 2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/btbt.gif
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/100050betebet.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312bb8edbb58347fb7db3db4f4c0c474645569a414f7d8a0f8f2fc735f875420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/kutular/100050betebet.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2291
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 3512193
last-modified: Fri, 26 Nov 2021 17:09:18 GMT
Server: cloudflare
etag: "61a114be-359781"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUHTxr3nBOM%2BOjY1zQEgCS%2BLDldmRXQIVVRfzUcr9GMQ8vO0YKwHvj8DT4a2HSqoO6K3HbWENBFJBUOzBCkNRHw%2BNSHMW0Pf2DA1PWeJXmRg%2FvedkGOHgZN9dSFHqDCuzdh5Su4fy%2FLBKpYtjDc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
access-control-allow-origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6b482c49af67692b-FRA

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 213ms
165ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.viagrarem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:21:56 GMT
x-content-type-options: nosniff
age: 49810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:21:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 147ms
107ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.viagrarem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:01:19 GMT
x-content-type-options: nosniff
age: 328247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 08:01:19 GMT

GET
H3 200 taraftarium24.jpg
1.bp.blogspot.com/-y-gGeVBQ9Q8/X1tXxhkosVI/AAAAAAAAHag/-KdaXYT7aAwMeXovB08tDqyXy8hQEvVdQCLcBGAsYHQ/w200-h150-c/ 12 KB
12 KB 63ms
62ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-y-gGeVBQ9Q8/X1tXxhkosVI/AAAAAAAAHag/-KdaXYT7aAwMeXovB08tDqyXy8hQEvVdQCLcBGAsYHQ/w200-h150-c/taraftarium24.jpg

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a4f7f1f2d160f83c34243bc2a7d9fc2bdc2021e8b7b1dcb0a7a5eb35ad3ad309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:23:54 GMT
x-content-type-options: nosniff
age: 2892
content-disposition: inline;filename="taraftarium24.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12091
x-xss-protection: 0
server: fife
etag: "v1da9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:27:26 GMT

GET

bein1.html
vvvkafasi.cloud/futbolcafe/live/ Frame FD09
Redirect Chain

http://git.player25.xyz/live/bein1.html
http://vvvkafasi.cloud/futbolcafe/live/bein1.html

0
0

GET

72890betistcom.html
vvvkafasi.cloud/futbolcafe/kutular/ Frame B378
Redirect Chain

http://git.player25.xyz/kutular/72890betistcom.html
http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html

0
0

GET
H3 200 taraftarium24.jpg
1.bp.blogspot.com/-xoy4mD6TnUI/XKfllx5cAYI/AAAAAAAABbY/UogWvedPD1gpjz4i55WkQ7Wzvv7Zpz8ggCPcBGAYYCw/w200-h150-c/ 12 KB
12 KB 67ms
66ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xoy4mD6TnUI/XKfllx5cAYI/AAAAAAAABbY/UogWvedPD1gpjz4i55WkQ7Wzvv7Zpz8ggCPcBGAYYCw/w200-h150-c/taraftarium24.jpg

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

786996a2ca15cb0f0aa1de05832d3ebdd581c92ef2acb313b0b8d843d35ab889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:23:54 GMT
x-content-type-options: nosniff
age: 2892
content-disposition: inline;filename="taraftarium24.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12322
x-xss-protection: 0
server: fife
etag: "v5b6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 18:22:13 GMT

GET bein.html
git.player25.xyz/live/ Frame 0B8B 0
0

GET
H3 200 taraftarium24.jpg
3.bp.blogspot.com/-xoy4mD6TnUI/XKfllx5cAYI/AAAAAAAABbY/UogWvedPD1gpjz4i55WkQ7Wzvv7Zpz8ggCPcBGAYYCw/w200-h150-c/ 12 KB
12 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-xoy4mD6TnUI/XKfllx5cAYI/AAAAAAAABbY/UogWvedPD1gpjz4i55WkQ7Wzvv7Zpz8ggCPcBGAYYCw/w200-h150-c/taraftarium24.jpg

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

786996a2ca15cb0f0aa1de05832d3ebdd581c92ef2acb313b0b8d843d35ab889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:28:39 GMT
x-content-type-options: nosniff
age: 2607
content-disposition: inline;filename="taraftarium24.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12322
x-xss-protection: 0
server: fife
etag: "v5b6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 18:27:32 GMT

GET
H/1.1

200
OK

yurop10.html
vvvkafasi.cloud/futbolcafe/live/ Frame 4C50
Redirect Chain

http://git.player25.xyz/live/yurop10.html
http://vvvkafasi.cloud/futbolcafe/live/yurop10.html

0
0

18ms
18ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/live/yurop10.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:08 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6883
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGnhISainuBMb6cAlWba6bYGwZN%2FGTcxv86yUVWCOrULVL5SlZmtIQSENb4%2BkTnCGdaamJFstl43LlWOGM3tkNBUVjwR8Rqz66XioSGBwk73rOhod5KzupleO3jR2OMjRPI1IGPhzpht7qXxGpg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4adcfa0631-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/live/yurop10.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3uCkeK5R3IgpXnX0LbQbCdM8Alj4G1pFBYGgt8n8Kx6oBot6MTDqtv9oMrzH44L7okhQQQTbKXLEXsO6qmWL9B01DII0vwDAPVV5Ew7KRK2M1WtOz6PXi4%2BAdzIKOt8S0bnmuDFkA07lbxgmu0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4acba74db8-FRA

GET
H/1.1 200
OK yedi28doksan.gif
vvvkafasi.cloud/futbolcafe/ Frame 03CC 1 MB
1 MB 13ms
13ms Image
image/gif 2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vvvkafasi.cloud/futbolcafe/yedi28doksan.gif
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51c0c0229f08c6fdcc592b577ef9db475873eac81cf44c57290c4e4dfb413f7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2314
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 1145649
last-modified: Fri, 26 Nov 2021 17:08:53 GMT
Server: cloudflare
etag: "61a114a5-117b31"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7meDxBXsmoijaxDgf5Rt3Au%2FqBbwIc7LVYZf6T%2B%2FBuEI9YhCpdVJxNIZ8XkLv7UpdjielsbH%2Bg2doazPqgUSEMdYn1eW3EZAFTwIpPFobxh5nMixqYNpKja9ESVTErqQixCt%2BV5eT7UII4anauc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
access-control-allow-origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6b482c4aed023260-FRA

GET
H3 200 728tipo.gif
1.bp.blogspot.com/-uAhwP4Fu2o8/YP2U8yTA4tI/AAAAAAAABmE/yQjRBFBTnfk29vDRbHlzcSf-yzvPws9jQCLcBGAsYHQ/s0/ Frame 9FA1 1 MB
1 MB 42ms
42ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uAhwP4Fu2o8/YP2U8yTA4tI/AAAAAAAABmE/yQjRBFBTnfk29vDRbHlzcSf-yzvPws9jQCLcBGAsYHQ/s0/728tipo.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

04af070efd135a17f439c8dab3a8a051ebc28bd7ee4e1852ed8f25a44acbaf01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:18:01 GMT
x-content-type-options: nosniff
age: 14045
content-disposition: inline;filename="728tipo.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1443969
x-xss-protection: 0
server: fife
etag: "v667"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Nov 2021 17:19:00 GMT

GET
H2 200 rexa7.gif
raw.githubusercontent.com/mugeanlim/atv/main/ Frame E6ED 12 MB
12 MB 146ms
145ms Image
application/octet-stream 185.199.111.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/mugeanlim/atv/main/rexa7.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-133.github.com

Software

Resource Hash

49383b2c518dc45d578cd419c112576eed50b1bb63418e1671b8c7b9b9e0d42a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: d55519624b98c1346d699ad46d65cf761d013bed
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 0
vary: Authorization,Accept-Encoding,Origin
content-length: 12263634
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4073-HHN
x-github-request-id: 8A12:CDCE:1550F8:16C9D5:619E56B7
x-timer: S1637982727.878098,VS0,VE138
x-frame-options: deny
date: Sat, 27 Nov 2021 03:12:07 GMT
source-age: 0
strict-transport-security: max-age=31536000
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=300
etag: W/"c07feb9cf6c49b3e2cbbb8c480e32c7a5314ce028d542b2c00fcf1950144cbec"
accept-ranges: bytes
expires: Sat, 27 Nov 2021 03:17:07 GMT

GET
H/1.1 200
OK pop-tipobet.js Show response
vvvkafasi.cloud/futbolcafe/ Frame 7174 1 KB
2 KB 20ms
15ms Script
application/javascript 2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/pop-tipobet.js
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fa298f1f5091e4f045c1ea60d1a15e73c2746409dd275c1e38bf4bca38b00b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4200
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 17:08:51 GMT
Server: cloudflare
etag: W/"61a114a3-5e9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XhpXJIuLcZThryD617JJ9QWOarteJs7hNfyJ6i%2BitlEPuMla%2BHdqwjignInEzDoGsDfMFuzCwTUL27wh%2B88tLe1yWa5I7eL2BqrZkwozYGLbw3RgGea8%2FJwnh7lC2U%2BwzMhEUKM1iHxg936pxI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-RAY: 6b482c4b0d460631-FRA

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 7174 513 KB
139 KB 52ms
29ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23031
x-jsd-version: 0.3.13
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19154-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b482c4b2e704e92-FRA

GET
H3 200 728tipo.gif
1.bp.blogspot.com/-uAhwP4Fu2o8/YP2U8yTA4tI/AAAAAAAABmE/yQjRBFBTnfk29vDRbHlzcSf-yzvPws9jQCLcBGAsYHQ/s0/ Frame F7EC 1 MB
1 MB 41ms
38ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uAhwP4Fu2o8/YP2U8yTA4tI/AAAAAAAABmE/yQjRBFBTnfk29vDRbHlzcSf-yzvPws9jQCLcBGAsYHQ/s0/728tipo.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890tipo.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

04af070efd135a17f439c8dab3a8a051ebc28bd7ee4e1852ed8f25a44acbaf01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:18:01 GMT
x-content-type-options: nosniff
age: 14045
content-disposition: inline;filename="728tipo.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1443969
x-xss-protection: 0
server: fife
etag: "v667"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Nov 2021 17:19:00 GMT

GET
H3 200 yedisekizdoksan.gif
1.bp.blogspot.com/-cxYdQE-WiYQ/YPbUtPR-TXI/AAAAAAAAHyw/H8aHv56-9rkiL6CZqbjv37Aol-rbCyc4ACLcBGAsYHQ/s0/ Frame 6485 239 KB
239 KB 65ms
64ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-cxYdQE-WiYQ/YPbUtPR-TXI/AAAAAAAAHyw/H8aHv56-9rkiL6CZqbjv37Aol-rbCyc4ACLcBGAsYHQ/s0/yedisekizdoksan.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890restbet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fe3e09f52041e4c00c3ce2d531d4bbd78a3a13047013f63692b80dbe97939905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:06 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="yedisekizdoksan.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244529
x-xss-protection: 0
server: fife
etag: "v1f36"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:58:34 GMT

GET
H3 200 728doksan-LB.gif
1.bp.blogspot.com/-3L7c_gQZA4E/YRMLpdw08lI/AAAAAAAAAs4/y_91SS1tiGg2HPlytcwjVsaih17_LCuiwCLcBGAsYHQ/s0/ Frame 0F0C 725 KB
726 KB 48ms
47ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-3L7c_gQZA4E/YRMLpdw08lI/AAAAAAAAAs4/y_91SS1tiGg2HPlytcwjVsaih17_LCuiwCLcBGAsYHQ/s0/728doksan-LB.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3e9280f67ebd600d854464a00a40615185785f16a4555a5897c1f7c03ad9d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:23:55 GMT
x-content-type-options: nosniff
age: 2891
content-disposition: inline;filename="728doksan-LB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 742867
x-xss-protection: 0
server: fife
etag: "v2db"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 27 Nov 2021 05:16:08 GMT

GET
H2 200 yedim.gif
raw.githubusercontent.com/mugeanlim/atv/main/ Frame 259F 559 KB
559 KB 9ms
7ms Image
image/gif 185.199.111.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/mugeanlim/atv/main/yedim.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890supertotobet.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-133.github.com

Software

Resource Hash

911927ae9af5b5dd6a4982a14f6a64673484283792e40f8dbbd6299e8e477fd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 103154b01a1dafa1ed02c1ef8bb4a6d6c5413e87
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 2
vary: Authorization,Accept-Encoding,Origin
content-length: 572003
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4073-HHN
x-github-request-id: BD48:E3E0:131409:13B72A:61A0FDE3
x-timer: S1637982727.896977,VS0,VE0
x-frame-options: deny
date: Sat, 27 Nov 2021 03:12:06 GMT
source-age: 255
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=300
etag: W/"7d6348f8938e075f47e35dd6460aa06afe707eaee4d7f09138c96309f3bc6891"
accept-ranges: bytes
expires: Sat, 27 Nov 2021 03:17:06 GMT

GET
H2 200 rexa7.gif
raw.githubusercontent.com/mugeanlim/atv/main/ Frame 2C14 12 MB
12 MB 141ms
139ms Image
application/octet-stream 185.199.111.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/mugeanlim/atv/main/rexa7.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890rexa.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-133.github.com

Software

Resource Hash

49383b2c518dc45d578cd419c112576eed50b1bb63418e1671b8c7b9b9e0d42a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: e2ec5dae5d7074a644fac128b7e89835c14469ba
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 0
vary: Authorization,Accept-Encoding,Origin
content-length: 12263634
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4073-HHN
x-github-request-id: 8A12:CDCE:1550F8:16C9D5:619E56B7
x-timer: S1637982727.897065,VS0,VE119
x-frame-options: deny
date: Sat, 27 Nov 2021 03:12:07 GMT
source-age: 0
strict-transport-security: max-age=31536000
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=300
etag: W/"c07feb9cf6c49b3e2cbbb8c480e32c7a5314ce028d542b2c00fcf1950144cbec"
accept-ranges: bytes
expires: Sat, 27 Nov 2021 03:17:07 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 8 KB
8 KB 284ms
9ms Script
application/javascript 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.viagrarem.com%2F&j=
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 20e8f0d328ec511cf708ef6cae85f040f7ca014e44c97b60918d7b3b8d1091a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:07 GMT
X-T: 0.564
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Sat, 27 Nov 2021 03:12:06 GMT

GET
H/1.1

200
OK

300250celtabet.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame F0B1
Redirect Chain

http://git.player25.xyz/kutular/300250celtabet.html
http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html

364 B
1 KB

20ms
19ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a007dcd94bd19ad5b5553a35bf08b5b2c86f0e7f1febae78a14a6654a17329

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:15 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 670
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPfFtptMm6e8Wq12TP2HjtDUnbwq6qHQR2PYj2chZa7cUYiX8UNsunbCsYS2ynf4o8q1wLRsYARbGdqclIHhvHtRDrnTvL2EuiF7TQLzKfHBAxSvHmuqsEidY1lXOpMyh3%2FxTCguO8%2BbMS0mC3I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4cbef80631-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzx6vKudeTBTtSnrhgsLsIXRYpi4CEp1jBd53MzhZD4zT6qz2HzL4VzSEdw%2BWzYst39InhOnY3JBi%2FLtewVWgQSaCpPNjfBtGBqssJgoSkNXWhhOFkiP%2BKt6B22eGdypicWx9gfiV4pJXnHqL44%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4c9cff4db8-FRA

GET
H/1.1

200
OK

300250celtabet.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 610B
Redirect Chain

http://git.player25.xyz/kutular/300250celtabet.html
http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html

364 B
1 KB

17ms
16ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a007dcd94bd19ad5b5553a35bf08b5b2c86f0e7f1febae78a14a6654a17329

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:15 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 669
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKhltjqz6jnOAIYkMxsjiQwChNlA5jKmeICTdpeHfKMdY31RKJgXaRzAFcLMI9l309tDw7P4qZMWcMmc8tF%2BzDjLOVleps3LYm1r6fI3ERu0wPqIDDD%2Bn9UlYEFK2RzlDH%2BuRCGYTp1rTHBNWOk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4b5d9e0631-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unfIJbUT9RW8%2FUr21BNcTpl%2FEL0Pz8b9bFBvbHOQzEzeJipJlBG%2Bb7f1CtEBqMTAZ%2F7oiLHt1lPL9gV1%2Bsvf1cLtPAscUZt0BYs%2F3t55xeZHVpPaVqJ7WotrGwk0eaPvrowcupYugdkY7yZBaYk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4b3e9d5c08-FRA

GET
H/1.1

200
OK

tablo2.html Show response
vvvkafasi.cloud/futbolcafe/ Frame E509
Redirect Chain

http://git.player25.xyz/tablo2.html
http://vvvkafasi.cloud/futbolcafe/tablo2.html

9 KB
4 KB

19ms
19ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0930be5d4814debd3883d1db3b87b73ee46a9ed1588446b76a219cddc91601c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:08:48 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 668
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5ENO7CMacYFpVf7Nb3UXScXL1zw1aMPsuorP7XJng1NPIZqKghGkn0Kfujd18hrGgkhGf93cba0LkI10v2G46LypG%2Fw2JzZWeC%2BDKYI8syWN1XPjAB%2BxKGks6oAXLay4e3qGYThBllZyhrIie4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4b5b302b41-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/tablo2.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRysylk5vchZGag0eRQ2XOOJfZT8oLvVBOvD77BvE1c5T%2BhIFv0PC6i1BfrXAB1pjidvG67hVmF1XJSNBgtgYzzJVKcxccK0UKHZ8fxhuy2J%2B6rvaFpiADM0%2FJbpW3gEWLIP0u2%2FLIo6xfHKcbE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4b4ecc2c3e-FRA

GET
H/1.1

200
OK

300250onwin.html Show response
vvvkafasi.cloud/futbolcafe/kutular/ Frame 7E4D
Redirect Chain

http://git.player25.xyz/kutular/300250onwin.html
http://vvvkafasi.cloud/futbolcafe/kutular/300250onwin.html

374 B
1 KB

235ms
235ms

Document
text/html

2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/300250onwin.html
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e8f98796b8a2acc807ca3fc300487b06af0ea5bfdf81139e1bc0ff0f6f9fda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Date: Sat, 27 Nov 2021 03:12:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:09:15 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 669
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE3Zsq24d8VgSmLdvadcZF4KrLXzulmGFtvy%2B6MSUGoACo4QrIhZaCBruOKUqnh3SfUaGiSv6uWRRGeGkYJ9dEKfdmZWoW0EmFyGcAQhJ%2BVJ88pnir48pT%2Ba%2B4SlRHdzJLFaMdnHBL2gikJnQwk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4cbc356903-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://vvvkafasi.cloud/futbolcafe/kutular/300250onwin.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVEF1yR6yhsU473h9o4fPavGnLFuVvgNGLdb2jDKlh8i0%2BIkvHAvDtuYNkSenzZJ5I9IGMTCquOIhwpiAZsHi4HaNJHGQEgwF2RuP%2B%2Fe%2BgPhzzPr6LDEePEQZ5v772v2CfcMZzCHWdu41KkIWSM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4b496e4e0e-FRA

GET
H/1.1 200
OK bttb.gif
vvvkafasi.cloud/futbolcafe/kutular/ Frame 2BED 3 MB
3 MB 16ms
15ms Image
image/gif 2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vvvkafasi.cloud/futbolcafe/kutular/bttb.gif
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890betebet.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e246c734fc7fbdeb5b9247a4f755e7b8c8bfd3ef81c64a29964b50fa5c29a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/kutular/72890betebet.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2267
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 3656798
last-modified: Fri, 26 Nov 2021 17:09:18 GMT
Server: cloudflare
etag: "61a114be-37cc5e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgXJg6do3LReFbsvX10AWtTinFriNM8x4ZB4mN%2B%2B%2FxS3A%2B%2Fv5YnSe7bHGmkjmyvUTSd3KW3OH5Xf0OVD9fERsOoFZl9wlc3u%2F5JsKZ3fQJ0q4kGWT4LbbFxdkpZ2nISvjKLhYyT0PDCKYHPPi5I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
access-control-allow-origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6b482c4b48ea4e49-FRA

GET
H3 200 728doksan-LB.gif
1.bp.blogspot.com/-3L7c_gQZA4E/YRMLpdw08lI/AAAAAAAAAs4/y_91SS1tiGg2HPlytcwjVsaih17_LCuiwCLcBGAsYHQ/s0/ Frame 5B27 725 KB
726 KB 43ms
42ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-3L7c_gQZA4E/YRMLpdw08lI/AAAAAAAAAs4/y_91SS1tiGg2HPlytcwjVsaih17_LCuiwCLcBGAsYHQ/s0/728doksan-LB.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890liderbahis.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3e9280f67ebd600d854464a00a40615185785f16a4555a5897c1f7c03ad9d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:23:55 GMT
x-content-type-options: nosniff
age: 2891
content-disposition: inline;filename="728doksan-LB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 742867
x-xss-protection: 0
server: fife
etag: "v2db"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 27 Nov 2021 05:16:08 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 136ms
87ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.viagrarem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:15:28 GMT
x-content-type-options: nosniff
age: 366998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17004
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 21:15:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 145ms
38ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 660
date: Sat, 27 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Nov 2021 05:01:07 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a4f78ed4c392b74/ 3 KB
888 B 179ms
174ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a4f78ed4c392b74/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 175d9eb77519bcfb54f3028c851be267a2e004a8cecab54996a27840192233fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: gzip
etag: 983929280--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=59, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 713

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 194ms
156ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61a1a206c8a0cc6a&bkl=0&bl=1&pdt=779&sid=61a1a206c8a0cc6a&pub=ra-5a4f78ed4c392b74&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.viagrarem.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=taraftarium24%2Ctaraftarium%2024%20izle%2Ctaraftarium24%20izle%20HD%2Ctaraftarium24%20HD%20izle%2Ctaraftarium%2024&colc=1637982727026&jsl=1&uvs=61a1a20678f38836000&skipb=1&callback=addthis.cbs.jsonp__84929186828321760
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 64ea972423868bb28d248dab927220508dd0b03dd6b64e3b1fb7b59bd80e7779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:07 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 98A1 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 356D 71 KB
26 KB 27ms
26ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 27 Nov 2021 03:12:07 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 29 B
213 B 232ms
109ms Script
text/javascript 67.202.114.212
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=ligtvmax1&t=Taraftarium24%20%2C%20Taraftarium%2024%20TV%2C%20Bedava%20Lig%20tv%20izle&c=d&x=http%3A%2F%2Fwww.viagrarem.com%2F&y=&a=0&v=27&r=8971
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 32dc78c7f0454566cd4c77bcbad9fa530157324510cf2505fcfcf7ad710d20c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK arlinadesign.gif
1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/ 43 B
503 B 90ms
41ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/arlinadesign.gif

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

133e13c382aab95cbd5c7c1ec3c13ffebf59fa7f616ffa4e8714013d224e6178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 01:03:07 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 7740
ETag: "va12"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="arlinadesign.gif"
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 13 Nov 2021 13:38:07 GMT

GET
H3 200 katil%2B%25281%2529.png
1.bp.blogspot.com/--tZ4xQROe8c/X8IpMA2I64I/AAAAAAAAAw4/HSy-HEmx_gkjx-PfBuAdWai_OLDtL2FdgCLcBGAsYHQ/s0/ Frame 7174 4 KB
4 KB 37ms
36ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--tZ4xQROe8c/X8IpMA2I64I/AAAAAAAAAw4/HSy-HEmx_gkjx-PfBuAdWai_OLDtL2FdgCLcBGAsYHQ/s0/katil%2B%25281%2529.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

832f92edfa65c94575b1ee0f4228acc37dbbd2b0979afb6f1501f25729f1ce94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 00:09:08 GMT
x-content-type-options: nosniff
age: 10979
content-disposition: inline;filename="katil (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4289
x-xss-protection: 0
server: fife
etag: "v30f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:31:39 GMT

GET
H/1.1 200
OK sayac.html Show response
vvvkafasi.cloud/futbolcafe/ Frame 9EAA 759 B
1 KB 31ms
30ms Document
text/html 2606:4700:3036::ac43:c3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vvvkafasi.cloud/futbolcafe/sayac.html
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:c3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c649e281c6fac1b22f773bbbaaec51fae3f89c4f0654fc4545c4ed5d362f896

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html

Response headers

Date: Sat, 27 Nov 2021 03:12:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 26 Nov 2021 17:08:52 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1138
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KOSeYpHIrCrHa4GHZnI8yeyJGHex9mC7GWulwXD2s6V1TnBhSbf%2BXD%2BK270TprSCKorWYR4QDWmfJBBxYRIBgpO8o6TZzjeLgwI1cm62pYiPRrTUHZ1DFBuVzDrADLpwEVklcwit21IJVzsaPc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b482c4c8c492b41-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 300ikielli-CELTA.gif
1.bp.blogspot.com/-M6c-cvOcOBY/YRMLpXo5kUI/AAAAAAAAAs8/sCcIpybCW3QWH8QP4JDWNOfV7mmGrtspwCLcBGAsYHQ/s0/ Frame 610B 1 MB
1 MB 41ms
40ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-M6c-cvOcOBY/YRMLpXo5kUI/AAAAAAAAAs8/sCcIpybCW3QWH8QP4JDWNOfV7mmGrtspwCLcBGAsYHQ/s0/300ikielli-CELTA.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d326c21da3d3667b4050c40d959cfa0e8080a98f2cf6f79c9023b47ea54e128a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:21:04 GMT
x-content-type-options: nosniff
age: 13863
content-disposition: inline;filename="300ikielli-CELTA.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114999
x-xss-protection: 0
server: fife
etag: "v2dc"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Nov 2021 21:31:09 GMT

GET
H3 200 Screenshot%2B2019-11-06%2Bat%2B8.59.03%2BPM-min.png
1.bp.blogspot.com/-itnCdY7dLa0/XcMmdWbLTWI/AAAAAAAACpo/P8qV93njjIkVIftV3y-SnK89opPIqniWACLcBGAsYHQ/s1600/ Frame E509 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-itnCdY7dLa0/XcMmdWbLTWI/AAAAAAAACpo/P8qV93njjIkVIftV3y-SnK89opPIqniWACLcBGAsYHQ/s1600/Screenshot%2B2019-11-06%2Bat%2B8.59.03%2BPM-min.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cfef27eaffdf7f003db652df73484b015b269c34f0ee42c96419c3f1656a2f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:08:13 GMT
x-content-type-options: nosniff
age: 3834
content-disposition: inline;filename="Screenshot 2019-11-06 at 8.59.03 PM-min.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: fife
etag: "va9b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 18:23:34 GMT

GET
H3 200 1-rest-min.jpg
1.bp.blogspot.com/-CEWYCKm6zX4/XK54jKq-VWI/AAAAAAAAHsA/HKioGPbxis0VA9xXS07r8BZuG6wt0C3bwCLcBGAs/s1600/ Frame E509 2 KB
2 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-CEWYCKm6zX4/XK54jKq-VWI/AAAAAAAAHsA/HKioGPbxis0VA9xXS07r8BZuG6wt0C3bwCLcBGAs/s1600/1-rest-min.jpg

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4345f9bbe4d6e3bcd1ca8941998ac20318f5ed0de620a162276cb3c9c4eb2b84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:09:22 GMT
x-content-type-options: nosniff
age: 165
content-disposition: inline;filename="1-rest-min.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2333
x-xss-protection: 0
server: fife
etag: "v1ec2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 09:52:18 GMT

GET
H3 200 bahiz.png
1.bp.blogspot.com/-gT22R4aTz4o/YPtgvf6WkbI/AAAAAAAABk0/B46JaMni6EgDWJizchAJKD1hSaP7Xbn_ACLcBGAsYHQ/s0/ Frame E509 9 KB
9 KB 95ms
93ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-gT22R4aTz4o/YPtgvf6WkbI/AAAAAAAABk0/B46JaMni6EgDWJizchAJKD1hSaP7Xbn_ACLcBGAsYHQ/s0/bahiz.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

86ae28dec3a4005e71d12015c9ca1f109b2b1b4e2dcae66600fa125ecbc0e51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:45:52 GMT
x-content-type-options: nosniff
age: 1575
content-disposition: inline;filename="bahiz.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9139
x-xss-protection: 0
server: fife
etag: "v64e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 23 Oct 2021 11:42:35 GMT

GET
H3 200 betistt.jpeg
1.bp.blogspot.com/-QkhJvPBpdH0/YP8Xo2R_fvI/AAAAAAAAAsA/3fp1Hnb7hPsUIJg-INAvF2xVCf1g8WjQQCLcBGAsYHQ/s0/ Frame E509 7 KB
7 KB 95ms
93ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-QkhJvPBpdH0/YP8Xo2R_fvI/AAAAAAAAAsA/3fp1Hnb7hPsUIJg-INAvF2xVCf1g8WjQQCLcBGAsYHQ/s0/betistt.jpeg

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aefd464868198c4b81b1f82dfd173d7983ed0df1070adf6ef874fb47dd0e0a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:45:52 GMT
x-content-type-options: nosniff
age: 1575
content-disposition: inline;filename="betistt.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6770
x-xss-protection: 0
server: fife
etag: "v2c1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 06:02:08 GMT

GET
H3 200 Logo.png
1.bp.blogspot.com/-2qI4wBaqB_U/X_Bd50nClFI/AAAAAAAALeI/uoRilZvVN0EEj1TlVwVHHwyQs82VJpXZQCLcBGAsYHQ/s0/ Frame E509 3 KB
3 KB 89ms
87ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-2qI4wBaqB_U/X_Bd50nClFI/AAAAAAAALeI/uoRilZvVN0EEj1TlVwVHHwyQs82VJpXZQCLcBGAsYHQ/s0/Logo.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

834ed72f9893ffbb6b642c51f8320012833e068d3180b5722b63e673fece8c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 01:22:24 GMT
x-content-type-options: nosniff
age: 6583
content-disposition: inline;filename="Logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3545
x-xss-protection: 0
server: fife
etag: "v2de3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 15:14:49 GMT

GET
H2 200 SetrabetLogo-225x56px.png
4.bp.blogspot.com/-MKOVJ1UsLJw/X1OV7lQsk3I/AAAAAAAAHaM/nR552sXTdqcOA_KBkTqINb5Ja7kx_fxegCLcBGAsYHQ/s1600/ Frame E509 10 KB
10 KB 480ms
477ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-MKOVJ1UsLJw/X1OV7lQsk3I/AAAAAAAAHaM/nR552sXTdqcOA_KBkTqINb5Ja7kx_fxegCLcBGAsYHQ/s1600/SetrabetLogo-225x56px.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c5e90be34f0e072cea027dffd5c5022421f489b93054c6bbaf6183d150950cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 01:19:01 GMT
x-content-type-options: nosniff
age: 6786
content-disposition: inline;filename="SetrabetLogo-225x56px.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10125
x-xss-protection: 0
server: fife
etag: "v1da4"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 17:24:54 GMT

GET
H2 200 Screenshot%2B2020-09-13%2Bat%2B5.17.59%2BPM.png
4.bp.blogspot.com/-yH9cTqWbun4/X144RQYbt3I/AAAAAAAAHaw/KkLT212ldDggdguOl2N6kIUdLIpNYQNdwCLcBGAsYHQ/s1600/ Frame E509 13 KB
13 KB 149ms
146ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-yH9cTqWbun4/X144RQYbt3I/AAAAAAAAHaw/KkLT212ldDggdguOl2N6kIUdLIpNYQNdwCLcBGAsYHQ/s1600/Screenshot%2B2020-09-13%2Bat%2B5.17.59%2BPM.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1cb3ba8daa1b5370d6e7ca952e88c908e66b6c6454ab967eb397352e5e13e20e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 01:19:01 GMT
x-content-type-options: nosniff
age: 6786
content-disposition: inline;filename="Screenshot 2020-09-13 at 5.17.59 PM.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
server: fife
etag: "v1dae"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 10:02:59 GMT

GET
H3 200 mariobet-logo-efekt.gif
1.bp.blogspot.com/-5BTWkwKHArQ/YRHNf_G-A4I/AAAAAAAAAsw/SZeAX3WadLkgUTJlc3cpAI36JhG_5UP2wCLcBGAsYHQ/s0/ Frame E509 330 KB
330 KB 97ms
95ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5BTWkwKHArQ/YRHNf_G-A4I/AAAAAAAAAsw/SZeAX3WadLkgUTJlc3cpAI36JhG_5UP2wCLcBGAsYHQ/s0/mariobet-logo-efekt.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7654fb27ca4e2ea19152c40a4c5f42f83d704d004eebb30cdda9ca5bcf6d8938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 00:43:45 GMT
x-content-type-options: nosniff
age: 8902
content-disposition: inline;filename="mariobet-logo-efekt.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337752
x-xss-protection: 0
server: fife
etag: "v2cd"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:58:40 GMT

GET
H3 200 sahabet.png
1.bp.blogspot.com/-UGd7DmWqvno/YRkmWGh2WhI/AAAAAAAAL2w/MVU3tSnSk84VCVqNeYIZHGyo4N34r5NpgCLcBGAsYHQ/s0/ Frame E509 8 KB
8 KB 94ms
92ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UGd7DmWqvno/YRkmWGh2WhI/AAAAAAAAL2w/MVU3tSnSk84VCVqNeYIZHGyo4N34r5NpgCLcBGAsYHQ/s0/sahabet.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ef3f1463a7ad022bf65eb276ff4e38feecbab9c77ca9d53a5d3749458c971a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:08:13 GMT
x-content-type-options: nosniff
age: 3834
content-disposition: inline;filename="sahabet.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8455
x-xss-protection: 0
server: fife
etag: "v2f6e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 15:14:49 GMT

GET
H3 200 onwinlogo.png
1.bp.blogspot.com/-E9CfV0U32_o/YRkmVa3K9sI/AAAAAAAAL2s/-7h2cb2qAywutnC3UrYBinrVaZEC-6wkgCLcBGAsYHQ/s0/ Frame E509 6 KB
6 KB 94ms
92ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-E9CfV0U32_o/YRkmVa3K9sI/AAAAAAAAL2s/-7h2cb2qAywutnC3UrYBinrVaZEC-6wkgCLcBGAsYHQ/s0/onwinlogo.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

79f7880444fe3f5348d0b34a38803248f1d147f85b7465296037f80decc495a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:08:13 GMT
x-content-type-options: nosniff
age: 3834
content-disposition: inline;filename="onwinlogo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5910
x-xss-protection: 0
server: fife
etag: "v2f6d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 07:48:11 GMT

GET
H3 200 143-50.gif
1.bp.blogspot.com/-NLQ68Px2lc4/XkvtddQzAqI/AAAAAAAAKRI/MWF9d6hWDMErALdyqXm4v66AhuUIZjpFgCLcBGAsYHQ/s1600/ Frame E509 219 KB
219 KB 99ms
97ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NLQ68Px2lc4/XkvtddQzAqI/AAAAAAAAKRI/MWF9d6hWDMErALdyqXm4v66AhuUIZjpFgCLcBGAsYHQ/s1600/143-50.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f34f544496da0f529ae4f73976120687beae5d97a67601e76da82f581e0b172c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 01:46:30 GMT
x-content-type-options: nosniff
age: 5137
content-disposition: inline;filename="143-50.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 223937
x-xss-protection: 0
server: fife
etag: "v2914"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 16:54:47 GMT

GET
H2 200 liderlogo.jpg
2.bp.blogspot.com/-mLJ5BT1OJFs/X1jpQBFmgxI/AAAAAAAAASU/wDp65UOlZX4kmTOdX_Xj3rP6gNHyIz07gCLcBGAsYHQ/s1600/ Frame E509 2 KB
2 KB 146ms
143ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-mLJ5BT1OJFs/X1jpQBFmgxI/AAAAAAAAASU/wDp65UOlZX4kmTOdX_Xj3rP6gNHyIz07gCLcBGAsYHQ/s1600/liderlogo.jpg

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

34a34664462d7495d15167582354e1b071be2aeab4bca512f3674ac1975cdec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 01:19:01 GMT
x-content-type-options: nosniff
age: 6786
content-disposition: inline;filename="liderlogo.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2389
x-xss-protection: 0
server: fife
etag: "v126"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:27:09 GMT

GET
H3 200 lordcasino.png
1.bp.blogspot.com/-rfRRIcy6m4k/YRkpripJwnI/AAAAAAAAL3M/CZ_ROhU1gH0OuSHic3R-xtgsimo5WXZ0ACLcBGAsYHQ/s0/ Frame E509 12 KB
12 KB 92ms
91ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rfRRIcy6m4k/YRkpripJwnI/AAAAAAAAL3M/CZ_ROhU1gH0OuSHic3R-xtgsimo5WXZ0ACLcBGAsYHQ/s0/lordcasino.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc0f1be6053a40359ec68f0e348ac092e85902f6588269cdecb23c8fa243113d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:08:13 GMT
x-content-type-options: nosniff
age: 3834
content-disposition: inline;filename="lordcasino.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12212
x-xss-protection: 0
server: fife
etag: "v2f74"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 18:15:58 GMT

GET
H2 200 Logo.png
raw.githubusercontent.com/mugeanlim/atv/main/ Frame E509 41 KB
41 KB 124ms
121ms Image
image/png 185.199.111.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/mugeanlim/atv/main/Logo.png

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/tablo2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-133.github.com

Software

Resource Hash

005f3e7bfce70cad676e8dfec3b3f26d5ee5ac86dea6685baf113ea49521ec35

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: d392e320530a9f4240dda0facf89afb0ab38e109
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 1
vary: Authorization,Accept-Encoding,Origin
content-length: 41512
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4073-HHN
x-github-request-id: B4FA:3225:13329F8:13F9D3E:61A17BF6
x-timer: S1637982727.251149,VS0,VE1
x-frame-options: deny
date: Sat, 27 Nov 2021 03:12:07 GMT
source-age: 151
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
etag: W/"97dc0ad9b8a80df6051515cbb96ee86f75f19cd5c677c4d331984629b9ac8d20"
accept-ranges: bytes
expires: Sat, 27 Nov 2021 03:17:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9EAA 90 KB
36 KB 397ms
52ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-74068698-18

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/sayac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7d76d600e630aeaae6cbe922620a3481f84f08f028aceea05e417cf0e539eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36136
x-xss-protection: 0
expires: Sat, 27 Nov 2021 03:12:07 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 404ms
356ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1549840060&t=pageview&_s=1&dl=http%3A%2F%2Fwww.viagrarem.com%2F&ul=en-us&de=UTF-8&dt=Taraftarium24%20%2C%20Taraftarium%2024%20TV%2C%20Bedava%20Lig%20tv%20izle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=439013363&gjid=534296243&cid=1024528524.1637982727&tid=UA-74068698-9&_gid=1064048488.1637982727&_r=1&_slc=1&z=765268336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.viagrarem.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.viagrarem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 300ikielli-CELTA.gif
1.bp.blogspot.com/-M6c-cvOcOBY/YRMLpXo5kUI/AAAAAAAAAs8/sCcIpybCW3QWH8QP4JDWNOfV7mmGrtspwCLcBGAsYHQ/s0/ Frame F0B1 1 MB
1 MB 39ms
38ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-M6c-cvOcOBY/YRMLpXo5kUI/AAAAAAAAAs8/sCcIpybCW3QWH8QP4JDWNOfV7mmGrtspwCLcBGAsYHQ/s0/300ikielli-CELTA.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/300250celtabet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d326c21da3d3667b4050c40d959cfa0e8080a98f2cf6f79c9023b47ea54e128a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:21:04 GMT
x-content-type-options: nosniff
age: 13863
content-disposition: inline;filename="300ikielli-CELTA.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114999
x-xss-protection: 0
server: fife
etag: "v2dc"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Nov 2021 21:31:09 GMT

GET
H3 200 300ikielli.gif
1.bp.blogspot.com/-agpkeUkfq4I/YTx0O011szI/AAAAAAAAL6U/eZmlHCUNMXM2p47Ire8THLtSWb9zHuRqgCLcBGAsYHQ/s0/ Frame 7E4D 2 MB
2 MB 45ms
45ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-agpkeUkfq4I/YTx0O011szI/AAAAAAAAL6U/eZmlHCUNMXM2p47Ire8THLtSWb9zHuRqgCLcBGAsYHQ/s0/300ikielli.gif

Requested by

Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/300250onwin.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

df40dbf7831bf73832151d295ad75602dfa2ae5303d0441266bd9553a325374b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:15:00 GMT
x-content-type-options: nosniff
age: 3427
content-disposition: inline;filename="300ikielli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1829393
x-xss-protection: 0
server: fife
etag: "v2fa9"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:51:23 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 680E 1 KB
751 B 27ms
12ms Document
text/html 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01637982727438ECEED5BAF25BF0C
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.viagrarem.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3c183a3dc935c6aaf870f88b842a044e18a65addc0f1970f3637d7d8b0058fc7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 27 Nov 2021 03:12:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Nov 2021 03:12:06 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 204ms
7ms Script
text/javascript 65.9.71.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.viagrarem.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 82754
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 26 Nov 2021 04:12:54 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: QRD5v1qnXxDE__67ZAxEKRwTJf5lIEuy37BkTOfxFmc5bytb3qORuA==

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 51ms
20ms Script
application/javascript 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=viagrarem.com&_ss=57mye77txw&_pv=1&_ls=0&_u1=1&_u3=1&_cc=a1&_pl=d&_cbid=7f7q&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.viagrarem.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0c2bca311a0986d967ea1056a5953d9fa6dc78d71f5f1c8c145ff610073da331

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:07 GMT
X-T: 0.119
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sat, 27 Nov 2021 03:12:06 GMT

GET
H2 200 classic.js Show response
widgets.amung.us/ Frame 9EAA 12 KB
7 KB 197ms
18ms Script
application/x-javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/classic.js
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/sayac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 May 2021 17:48:25 GMT
server: cloudflare
age: 684
etag: W/"60903769-2f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6b482c4eef1d3250-FRA
expires: Sun, 28 Nov 2021 03:00:43 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 9ms
8ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 27 Nov 2021 03:12:07 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 66ms
13ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 179514
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b482c4f7d725be9-FRA
expires: Tue, 30 Nov 2021 03:12:07 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ Frame 9EAA 8 KB
8 KB 27ms
8ms Script
application/javascript 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 650a59f8754fe0924543123df4c4c61c663390a3e24d5a1de9843c6aed6b2db9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:07 GMT
X-T: 0.588
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Sat, 27 Nov 2021 03:12:06 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
970 B 354ms
313ms Fetch
application/json 13.35.253.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-107.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront), 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA6-C1
x-amzn-requestid: e919170a-67fb-472c-974e-9c8f30e64230
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: JcZBQG4LCYcFz5w=
content-length: 555
x-amz-cf-id: QoLYHMOI_LVUkIcrLGLvghLttEPPucIC5co5ImJi4rDB4BkLDg_IQw==

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ Frame 9EAA 28 B
212 B 108ms
108ms Script
text/javascript 67.202.114.212
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=ligtvmax&t=&c=c&x=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fsayac.html&y=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html&a=0&d=0.428&v=27&r=9715
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Server: 67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 78d43f8d43a3fc2521fc2d84daca06f3f8f467442a5dbab8c301c4d8c46e71e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 43 KB
14 KB 38ms
10ms Script
text/javascript 65.9.71.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.viagrarem.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-98.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37df2e559b5e8a6dbe8254033036a03034fb1fd59a7a7cec1e67e6edf4598393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:40:21 GMT
content-encoding: gzip
etag: W/"9f3ca8c2d7fb43d7b1d07af367a8a373"
last-modified: Tue, 23 Nov 2021 18:44:53 GMT
server: AmazonS3
age: 23507
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 2_yK34_2y7x7O7_UbmIXmcBeQlYY8yI30sgG9t6a9UOJfJT513Ae3A==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
406 B 463ms
103ms Script
application/javascript 45.55.96.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01637982727438ECEED5BAF25BF0C&nid=0&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Fwww.viagrarem.com%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.viagrarem.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 02:34:42 GMT
X-T: 1.1
x-server: web12.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sat, 27 Nov 2021 02:34:41 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
425 B 190ms
168ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=51A01637982727438ECEED5BAF25BF0C&ret=html&phint=__bk_t%3DTaraftarium24%20%2C%20Taraftarium%2024%20TV%2C%20Bedava%20Lig%20tv%20izle&phint=__bk_k%3Dtaraftarium24%2Ctaraftarium%2024%20izle%2C%20taraftarium24%20izle%20HD%2C%20taraftarium24%20HD%20izle%2C%20taraftarium%2024&phint=__bk_l%3Dhttp%3A%2F%2Fwww.viagrarem.com%2F&r=16446942
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 03:12:07 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 22bc
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01637982727438ECEED5BAF25BF0C
https://spl.zeotap.com/?zdid=1332&zcluid=9cdd5b810107a327
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=878ed366-b254-475b-4848-087d2dbac59d&reqId=5444953d-02a4-471c-5b6f-fd241edb66fa&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=878ed366-b254-475b-4848-087d2dbac59d&reqId=5444953d-02a4-471c-5b6f-fd241edb66fa&zclu...
https://mwzeom.zeotap.com/mw?google_gid=CAESEGaTlc7XZD0noJiYlD-fxqA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=878ed366-b254-475b-4848-087d2dbac59d&reqId=5444953d-02a4-471c-5b6f-fd2...

95 B
153 B

24ms
15ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEGaTlc7XZD0noJiYlD-fxqA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=878ed366-b254-475b-4848-087d2dbac59d&reqId=5444953d-02a4-471c-5b6f-fd241edb66fa&zcluid=9cdd5b810107a327&zdid=1332
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: http://www.viagrarem.com
access-control-allow-credentials: true
cf-ray: 6b482c547ef24e6d-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEGaTlc7XZD0noJiYlD-fxqA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=878ed366-b254-475b-4848-087d2dbac59d&reqId=5444953d-02a4-471c-5b6f-fd241edb66fa&zcluid=9cdd5b810107a327&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
284 B 234ms
216ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.viagrarem.com%2F&callback=_ate.cbs.rcb_56650

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

90a5a26f3e440a12b3c076c0c8e144e4de28aae14c9d95ff63c43381c58f7a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.viagrarem.com/
last-modified: Sat, 27 Nov 2021 03:12:07 GMT
server: nginx/1.15.8
date: Sat, 27 Nov 2021 03:12:07 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
258 B 31ms
14ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.viagrarem.com%2F

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.viagrarem.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.viagrarem.com/
last-modified: Sat, 27 Nov 2021 02:00:00 GMT
server: nginx/1.15.8
date: Sat, 27 Nov 2021 03:12:07 GMT
content-type: application/json
access-control-allow-origin: http://www.viagrarem.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
284 B 180ms
163ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.viagrarem.com%2F&callback=_ate.cbs.rcb_5v530

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

9e09fe8e31e20f70b2f887b34b8d744982ebe510729e93af5e4bacf265e430ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.viagrarem.com/
last-modified: Sat, 27 Nov 2021 03:12:07 GMT
server: nginx/1.15.8
date: Sat, 27 Nov 2021 03:12:07 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_h0wb0
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_h0wb0

72 B
301 B

41ms
9ms

Script
application/javascript

151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_h0wb0

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

58e6a6986e3c458404ef954a4cd6866c09147901df56857d4623c22ad561ad85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 2179843741291095
expires: Sat, 27 Nov 2021 03:22:53 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_h0wb0
Non-Authoritative-Reason: HSTS

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_ldvx0
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_ldvx0

73 B
134 B

39ms
9ms

Script
application/javascript

151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_ldvx0

Requested by

Host: www.viagrarem.com
URL: http://www.viagrarem.com/

Protocol

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c9bad412532a4b171bc459bf3613c95eebac756e6f030ff911c0146d1e51ac04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 7526744825575567
expires: Sat, 27 Nov 2021 03:22:53 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.viagrarem.com%2F&callback=window._ate.cbs.rcb_ldvx0
Non-Authoritative-Reason: HSTS

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 330ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637982727819&dn=TC&iso=0&t=Taraftarium24%20%2C%20Taraftarium%2024%20TV%2C%20Bedava%20Lig%20tv%20izle&cu=http%3A%2F%2Fwww.viagrarem.com%2F
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 9EAA 43 KB
14 KB 12ms
11ms Script
text/javascript 65.9.71.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-98.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37df2e559b5e8a6dbe8254033036a03034fb1fd59a7a7cec1e67e6edf4598393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:40:21 GMT
content-encoding: gzip
etag: W/"9f3ca8c2d7fb43d7b1d07af367a8a373"
last-modified: Tue, 23 Nov 2021 18:44:53 GMT
server: AmazonS3
age: 23507
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rHZ5Oq7POEL9952XooFrwCHmjP7J2tuXlgq-MIiRQQfwig_oxWayZg==

GET
H2

200

/
spl.zeotap.com/ Frame 9EAA
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01637982727438ECEED5BAF25BF0C
https://spl.zeotap.com/?zdid=1332&zcluid=06ecbf5e0bfec9b4

95 B
393 B

21ms
19ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=06ecbf5e0bfec9b4
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/sayac.html
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: http://vvvkafasi.cloud
access-control-allow-credentials: true
cf-ray: 6b482c52bd264e6d-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=06ecbf5e0bfec9b4
content-length: 0

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ Frame 9EAA 0
406 B 289ms
102ms Script
application/javascript 45.55.96.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01637982727438ECEED5BAF25BF0C&nid=0&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fsayac.html&r=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 02:34:42 GMT
X-T: 0.9
x-server: web12.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sat, 27 Nov 2021 02:34:41 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9EAA 30 KB
10 KB 10ms
8ms Script
text/javascript 65.9.71.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 82754
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 26 Nov 2021 04:12:54 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 3NZ-owVHsL52Jx00PneCAfmOgklJH9iUjppwqi3q446jB-iH279nZA==

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ Frame 9EAA 50 B
318 B 25ms
8ms Script
application/javascript 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vvvkafasi.cloud&_ss=6gfb1pqate&_pv=1&_ls=0&_u1=1&_u3=1&_cc=a1&_pl=d&_cbid=5a5d&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b67dcf67085c843f3fe4e9f675b79f8b97247405c03aa6815fe123793dcf53c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:07 GMT
X-T: 0.165
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sat, 27 Nov 2021 03:12:06 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ Frame 9EAA 62 B
425 B 150ms
149ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=51A01637982727438ECEED5BAF25BF0C&ret=html&phint=__bk_l%3Dhttp%3A%2F%2Fvvvkafasi.cloud%2Ffutbolcafe%2Fsayac.html&r=57829058
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/sayac.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 03:12:08 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: ea91
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ Frame 9EAA 17 KB
6 KB 16ms
15ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 179514
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b482c51bf295be9-FRA
expires: Tue, 30 Nov 2021 03:12:07 GMT

GET
DATA 200
OK truncated
/ Frame 9EAA 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9EAA 49 KB
20 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74068698-18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 660
date: Sat, 27 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Nov 2021 05:01:07 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 9EAA 555 B
966 B 8ms
8ms Fetch
application/json 13.35.253.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-107.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 17:17:12 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront), 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
age: 35695
x-amzn-requestid: 597c5b43-6c9d-43a0-a72a-0c23c2212a23
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P3, FRA6-C1
x-amz-apigw-id: JbB3yHbRiYcFdZQ=
content-length: 555
x-amz-cf-id: 5OwPchc3CPT911PbgMFbbG-mbtUxtI2obVXAcTtQDuA2QxPhKFAXIw==

GET
H2 204 p
ic.tynt.com/b/ Frame 7174 0
227 B 164ms
107ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637982727986&dn=TC&iso=1&r=http%3A%2F%2Fwww.viagrarem.com%2F&t=vvvkafasi.cloud
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 519ms
105ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sun, 28 Nov 2021 03:12:08 GMT

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
840 B 58ms
21ms Fetch
application/json 65.9.71.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-76.fra56.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 22:27:03 GMT
content-encoding: gzip
server: restify
age: 17105
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: http://www.viagrarem.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: B6YICfZ13TaFKlBxEG7hn3ajkhvqdbyXs6SB9MVPXC5IBThuJAsM6g==
via: 1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 111ms
110ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637982727819&dn=TC&iso=0&t=Taraftarium24%20%2C%20Taraftarium%2024%20TV%2C%20Bedava%20Lig%20tv%20izle&cu=http%3A%2F%2Fwww.viagrarem.com%2F
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame 7174 0
227 B 110ms
110ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637982727986&dn=TC&iso=1&r=http%3A%2F%2Fwww.viagrarem.com%2F&t=vvvkafasi.cloud
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ Frame 9EAA 1 KB
830 B 237ms
237ms Fetch
application/json 65.9.71.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-76.fra56.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 15:59:16 GMT
content-encoding: gzip
server: restify
age: 40372
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: http://vvvkafasi.cloud
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: pVIWRjwUFnomqZGZIdmJ_K7IvRtUr9YwN1SsmRYqvV62SJGiW0FRUQ==
via: 1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 9EAA 4 KB
1 KB 276ms
7ms XHR
application/json 65.9.71.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-98.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: http://vvvkafasi.cloud/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Nov 2021 15:59:17 GMT
content-encoding: gzip
age: 40372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 18:44:53 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xtT2x7a-O0Ok7ubVJzSu4y_fWtSqLfsMFWYU6mcRqPTN6w-YyXie-Q==

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 7174 4 B
202 B 319ms
105ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=http%3A%2F%2Fwww.viagrarem.com%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:07 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sun, 28 Nov 2021 03:12:08 GMT

GET
H2 204 p
ic.tynt.com/b/ Frame 7174 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637982727986&dn=TC&iso=1&r=http%3A%2F%2Fwww.viagrarem.com%2F&t=vvvkafasi.cloud
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637982727819&dn=TC&iso=0&t=Taraftarium24%20%2C%20Taraftarium%2024%20TV%2C%20Bedava%20Lig%20tv%20izle
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 9EAA 608 B
1 KB 142ms
77ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 737bca8a4adf0208cec1019c09f6b55fd09cc3c9f4a48afb39db56efd4752b92

Request headers

Referer: http://vvvkafasi.cloud/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://vvvkafasi.cloud
cache-control: no-cache
x-server: 10.45.18.162
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 608
expires: 0

GET
H2 204 p
ic.tynt.com/b/ Frame 7174 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637982727986&dn=TC&iso=1&r=http%3A%2F%2Fwww.viagrarem.com%2F
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637982727819&dn=TC&iso=0
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame 7174 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637982727986&dn=TC&iso=1
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637982727819&dn=TC&iso=0
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 6086 2 KB
1 KB 7ms
7ms Document
text/html 65.9.71.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-98.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 26 Nov 2021 04:25:16 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Ab4uUzq5dKnsA4qDeveqzfk5ti_l42BjPnV-S41l3qb06m-KU1ntZg==
age: 82012

GET
H2 204 p
ic.tynt.com/b/ Frame 7174 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637982727986&dn=TC&iso=1
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637982727819&dn=TC&iso=0
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame DF8C 4 KB
4 KB 31ms
31ms Document
text/html 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5fd0c8c48720f7e73362dfa85d764eb01589a45ac555ac1680f6553d4dd75013

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Sat, 27 Nov 2021 03:12:09 GMT
content-type: text/html
content-length: 3671
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.2.19
server: Jetty(9.4.38.v20210224)

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DF8C 70 B
265 B 100ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame DF8C 43 B
433 B 45ms
14ms Image
image/gif 65.9.71.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=7f0b82020fdbd9702fe97a5cda4c84b7
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-11.fra56.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:09 GMT
Via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: oW0gvrTcuSjeFJHPDhZAJaQqvCDYz1seAUEgy_spEb6QKqB3Hv-2UQ==

GET
H2

200

tpid=a8983410-146c-4907-85c9-a78957204733
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame DF8C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=7f0b82020fdbd9702fe97a5cda4c84b7&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=7f0b82020fdbd9702fe97a5cda4c84b7&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a8983410-146c-4907-85c9-a78957204733

49 B
264 B

94ms
31ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a8983410-146c-4907-85c9-a78957204733
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.3
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a8983410-146c-4907-85c9-a78957204733
date: Sat, 27 Nov 2021 03:12:09 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame DF8C 0
0 54ms
12ms Image
text/html 104.16.111.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.111.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

204

/
loadm.exelator.com/load/ Frame DF8C
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=260&buid=7f0b82020fdbd9702fe97a5cda4c84b7&j=0
https://loadm.exelator.com/load/?p=204&g=260&buid=7f0b82020fdbd9702fe97a5cda4c84b7&j=0&xl8blockcheck=1

0
755 B

29ms
28ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=7f0b82020fdbd9702fe97a5cda4c84b7&j=0&xl8blockcheck=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 27 Nov 2021 03:12:09 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=260&buid=7f0b82020fdbd9702fe97a5cda4c84b7&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET t
px.surveywall-api.survata.com/ Frame DF8C 0
0

GET
H2

200

tpid=68876635981136717752734493262371695685
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame DF8C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=7f0b82020fdbd9702fe97a5cda4c84b7&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=7f0b82020fdbd9702fe97a5cda4c84b7&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=68876635981136717752734493262371695685

49 B
264 B

32ms
31ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=68876635981136717752734493262371695685
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.52
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-2-v020-0eb7fe21b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: YxtfU7bjQgQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=68876635981136717752734493262371695685
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET sync
sync.tag.clrstm.com/lotame/ Frame DF8C 0
0

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame DF8C 42 B
232 B 57ms
9ms Image
image/gif 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=7f0b82020fdbd9702fe97a5cda4c84b7&gdpr=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:09 GMT
Connection: keep-alive
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame DF8C 0
338 B 98ms
27ms Image
text/plain 52.212.131.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=7f0b82020fdbd9702fe97a5cda4c84b7
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.131.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:09 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1637982729
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

451

420246.gif
idsync.rlcdn.com/ Frame DF8C
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=7f0b82020fdbd9702fe97a5cda4c84b7
https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27

0
66 B

54ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:09 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sat, 27 Nov 2021 03:12:09 GMT
server: Aorta/20211029.2f91d75
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
Content-Type: application/json
Location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-19-228.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.0 200
OK image.sbxx
global.ib-ibi.com/ Frame DF8C 0
72 B 605ms
136ms Image
text/plain 216.46.185.183
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=7f0b82020fdbd9702fe97a5cda4c84b7
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.183 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2

200

tpid=165010603983000021276
bcp.crwdcntrl.net/5/c=368/tp=NEUS/ Frame DF8C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9202276048
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=165010603983000021276

49 B
818 B

41ms
41ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=165010603983000021276
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.201
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=165010603983000021276
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

tpid=3f3b052d-02d3-4e36-aecf-2b0688b5428b
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame DF8C
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=3f3b052d-02d3-4e36-aecf-2b0688b5428b?gdpr=1&gdpr_consent=

49 B
265 B

34ms
33ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=3f3b052d-02d3-4e36-aecf-2b0688b5428b?gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.155
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Apache-Coyote/1.1
location: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=3f3b052d-02d3-4e36-aecf-2b0688b5428b?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame DF8C 0
344 B 33ms
8ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=51mdg9u&uid=7f0b82020fdbd9702fe97a5cda4c84b7
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 03:12:09 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

tpid=CI-2b828ee364a265c478785159ae3d4609
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame DF8C
Redirect Chain

https://dt-secure.videohub.tv/v1/usync/lo
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-2b828ee364a265c478785159ae3d4609

49 B
265 B

33ms
33ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-2b828ee364a265c478785159ae3d4609
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.162
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-2b828ee364a265c478785159ae3d4609
Date: Sat, 27 Nov 2021 03:12:09 GMT
useSecure: true
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame DF8C 43 B
408 B 106ms
26ms Image
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 03:12:09 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-5
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame DF8C
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=555f61a1-a208-4700-a3f4-554e3551f7d5

49 B
263 B

32ms
31ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=555f61a1-a208-4700-a3f4-554e3551f7d5
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.19
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Sat, 27 Nov 2021 03:12:09 GMT
Server: MT3 4133 baa842e master zrh-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=555f61a1-a208-4700-a3f4-554e3551f7d5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 27 Nov 2021 03:12:08 GMT

GET
H2 204 usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame DF8C 0
191 B 85ms
18ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=YaGiCQAHj6gOGwAz&_test=YaGiCQAHj6gOGwAz
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame DF8C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YaGiCQAHj6gOGwAz
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YaGiCQAHj6gOGwAz&_test=YaGiCQAHj6gOGwAz

49 B
264 B

31ms
31ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YaGiCQAHj6gOGwAz&_test=YaGiCQAHj6gOGwAz
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.52
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637982729.349019,VS0,VE0
x-served-by: cache-hhn4022-HHN
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YaGiCQAHj6gOGwAz&_test=YaGiCQAHj6gOGwAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame DF8C 103 B
412 B 26ms
8ms Script
application/json 3.120.52.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 103
expires: 0

GET
H2

200

tpid=7920816402890308775
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame DF8C
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/7f0b82020fdbd9702fe97a5cda4c84b7/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7920816402890308775

49 B
263 B

32ms
31ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7920816402890308775
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.3
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7920816402890308775
pragma: no-cache
date: Sat, 27 Nov 2021 03:12:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=233505057/tpid=3670496396453617560/ Frame DF8C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=233505057%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D233505057%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=233505057/tpid=3670496396453617560/tp=ANXS

49 B
265 B

31ms
31ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=233505057/tpid=3670496396453617560/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C104%2C100%2C95%2C94%2C90%2C81%2C80%2C79%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C26%2C8%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 03:12:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.252
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 03:12:09 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7e76c1f2-420f-4fd5-ae61-33cf3797009d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=233505057/tpid=3670496396453617560/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ Frame 7174 0
227 B 106ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637982727986&dn=TC&iso=1
Requested by: Host: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://vvvkafasi.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
107ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637982727819&dn=TC&iso=0
Requested by: Host: www.viagrarem.com
URL: http://www.viagrarem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.viagrarem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:12:09 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/live/bein1.html

Domain: vvvkafasi.cloud
URL: http://vvvkafasi.cloud/futbolcafe/kutular/72890betistcom.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/live/bein.html

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/t

Domain: sync.tag.clrstm.com
URL: https://sync.tag.clrstm.com/lotame/sync?uid=7f0b82020fdbd9702fe97a5cda4c84b7

Verdicts & Comments Add Verdict or Comment

327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.viagrarem.com/	1970-01-20 08:28:30	Name: __atuvc Value: 1%7C47
www.viagrarem.com/	1970-01-19 22:59:44	Name: __atuvs Value: 61a1a20678f38836000
.dtscout.com/	1970-01-20 01:23:42	Name: df Value: 1637982727
.dtscout.com/	1970-01-20 01:06:25	Name: l Value: 51A01637982727438ECEED5BAF25BF0C
.viagrarem.com/	1970-01-20 16:30:54	Name: _ga Value: GA1.2.1024528524.1637982727
.viagrarem.com/	1970-01-19 23:01:09	Name: _gid Value: GA1.2.1064048488.1637982727
.viagrarem.com/	1970-01-19 22:59:42	Name: _gat_blogger Value: 1
.addthis.com/	1970-01-20 08:28:30	Name: uvc Value: 1%7C47
.addthis.com/	1970-01-20 08:28:30	Name: loc Value: MDAwMDBFVURFTlcyMzIyMTg4ODAwMjAwMDBDSA==
.dtscout.com/	1970-01-19 22:59:47	Name: m Value: 2
.dtscout.com/	1970-01-19 23:00:00	Name: b Value: 2
.dtscout.com/	1970-01-19 22:59:57	Name: oa Value: 2
.viagrarem.com/	1970-01-20 01:04:59	Name: __dtsu Value: 51A01637982727438ECEED5BAF25BF0C
.viagrarem.com/	1970-01-19 22:59:42	Name: lotame_domain_check Value: viagrarem.com
.onaudience.com/	1970-01-19 23:01:09	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 07:45:18	Name: zc Value: 878ed366-b254-475b-4848-087d2dbac59d
.onaudience.com/	1970-01-20 07:45:18	Name: cookie Value: 06ecbf5e0bfec9b4
.dtscdn.com/	1970-01-20 03:17:28	Name: uid Value: 51A01637982727438ECEED5BAF25BF0C
.zeotap.com/	1970-01-19 23:01:09	Name: zsc Value: %D7%08%F1%3F%C5%F7%FA%19%8B%02%0C%F2%E7%0E%BBa%40%BCfg%EF%93%C6%97%EF%5B%C8%1E~%29%CFs%06%16%FC%3B%26zgn%25%030%3C%B5%8F%2B%24a%96s%82%E7%9DC%98%B5%B2O%87m-U%9C%FCyp%1A%AD%01%D1%CDo8%5DD%B8%D5%A8q%9A%9C8
.doubleclick.net/	1970-01-20 08:21:18	Name: IDE Value: AHWqTUnaJnUBAwihDtV-5LBrUNZEdFIWDk2DxNTb31gD7lB2uTyw20zfZDixWw1aAoE
.crwdcntrl.net/	1970-01-20 05:28:30	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:28:30	Name: _cc_id Value: 7f0b82020fdbd9702fe97a5cda4c84b7
.agkn.com/	1970-01-20 07:45:18	Name: ab Value: 0001%3AhAkXRhmcOi8RvHa36oa7ggZRj0qd00YG
.tapad.com/	1970-01-20 00:26:06	Name: TapAd_TS Value: 1637982729095
.tapad.com/	1970-01-20 00:26:06	Name: TapAd_DID Value: a8983410-146c-4907-85c9-a78957204733
.tapad.com/	1970-01-20 00:26:06	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 01:52:30	Name: EE Value: "7f766791d0e6d1de817c3cbcbd0a7b75"
.eyeota.net/	1970-01-19 22:59:43	Name: SERVERID Value: 20560~DM
.krxd.net/	1970-01-20 03:18:54	Name: _kuid_ Value: OgYxZO86
.crwdcntrl.net/	1970-01-20 05:28:30	Name: _cc_cc Value: "ACZ4XmNQME8zSLIwMjAySEtJSrE0NzBKS7U0TzRNTkk0SbYwSTJnAILEhYs4n%2F7%2F%2F58fxAED%2FnUvJusyfpRl%2BM%2FIyLDk%2FxcJxv9JYPa0vwj2k33f4OLHN01hYYKoger6%2BNkSVeD40UPMqCKXTj1iQxXZve%2ByAKrIh4b7AjCHHF48B82S6SfUUZW%2FW4Ku5OqPtTqoatZseMqNKgIALG9peQ%3D%3D"
.crwdcntrl.net/	1970-01-20 05:28:30	Name: _cc_aud Value: "ABR4XmNgYGBIXLiIE0hBACsDw6JWMJNrBohkPc0Mpj6fAlGMD%2BuBJACwyQdy"
.demdex.net/	1970-01-20 03:18:54	Name: demdex Value: 68876635981136717752734493262371695685
.exelator.com/	1970-01-20 01:52:30	Name: ud Value: "eJxrXxzq6XKLQcE8zdzMzNzSMMUg1SzFMCXVwtA82Tg5KTkpxSDRPMncdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F71u%252FAQCcXirw"
.dpm.demdex.net/	1970-01-20 03:18:54	Name: dpm Value: 68876635981136717752734493262371695685
.mathtag.com/	1970-01-20 08:25:37	Name: uuid Value: 555f61a1-a208-4700-a3f4-554e3551f7d5
.tidaltv.com/	1970-01-20 07:45:18	Name: tidal_ttid Value: 3f3b052d-02d3-4e36-aecf-2b0688b5428b
.tidaltv.com/	1970-01-20 07:45:18	Name: sync-his Value: "H4sIAAAAAAAAADM0sjSxtDI0NAAAjksxTAkAAAA="
.adnxs.com/	1970-01-20 01:09:18	Name: uuid2 Value: 3670496396453617560
.turn.com/	1970-01-20 03:18:54	Name: uid Value: 7920816402890308775
.everesttech.net/	1970-01-20 07:45:18	Name: everest_g_v2 Value: g_surferid~YaGiCQAHj6gOGwAz
.videohub.tv/	1970-01-20 07:45:18	Name: UIXX_UPDT Value: "UILO=1637982729389"
.videohub.tv/	1970-01-20 07:45:18	Name: uid Value: CI-2b828ee364a265c478785159ae3d4609

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.viagrarem.com/(Line 493) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://git.player25.xyz/poop.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.viagrarem.com/(Line 493) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://git.player25.xyz/poop.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://px.surveywall-api.survata.com/t Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
aa.agkn.com
ajax.googleapis.com
aorta.clickagy.com
api-public.addthis.com
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
cafergotmed.com
cdn.jsdelivr.net
cdn.tynt.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
d.turn.com
de.tynt.com
dmp.truoptik.com
dpm.demdex.net
dt-secure.videohub.tv
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
git.player25.xyz
global.ib-ibi.com
ic.tynt.com
idsync.rlcdn.com
images.dmca.com
loadm.exelator.com
m.addthis.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.surveywall-api.survata.com
raw.githubusercontent.com
s7.addthis.com
secure.adnxs.com
spl.zeotap.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.sharethis.com
sync.tag.clrstm.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
v1.addthisedge.com
vvvkafasi.cloud
waust.at
whos.amung.us
widgets.amung.us
widgets.pinterest.com
www.abcviag.com
www.advairinhalers.com
www.blogger.com
www.cialisactivefd.com
www.google-analytics.com
www.googletagmanager.com
www.personaloanvnz.com
www.vardenafilev.com
www.via1buynow.com
www.viagrarem.com
z.moatads.com
git.player25.xyz
px.surveywall-api.survata.com
s7.addthis.com
sync.tag.clrstm.com
vvvkafasi.cloud
104.111.215.191
104.16.111.154
104.18.28.199
104.75.88.126
13.35.253.107
151.101.128.84
151.101.130.49
151.139.242.29
172.217.18.98
18.198.109.212
185.199.111.133
185.29.132.245
185.33.220.244
199.127.207.184
2.18.235.40
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::13
216.46.185.183
2606:4700:10::6816:1857
2606:4700:10::6816:4aab
2606:4700:20::681a:507
2606:4700:20::681a:70
2606:4700:3030::ac43:8543
2606:4700:3031::ac43:b1d4
2606:4700:3034::ac43:cae3
2606:4700:3035::ac43:b6d8
2606:4700:3035::ac43:d4c7
2606:4700:3036::6815:25f0
2606:4700:3036::ac43:c3fe
2606:4700:3037::ac43:8e1f
2606:4700:3037::ac43:b5ea
2606:4700::6810:5514
2606:4700::6812:bcf
2a00:1450:4001:808::200e
2a00:1450:4001:809::2009
2a00:1450:4001:80e::200a
2a00:1450:4001:812::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a05:d018:24:b002:dccc:4b37:dddb:cf1e
3.120.52.200
3.124.210.90
34.194.112.31
34.254.143.3
35.227.248.159
35.244.174.68
45.55.96.63
51.79.83.225
51.89.99.21
52.212.131.178
52.215.102.174
52.215.136.198
52.223.40.198
63.35.242.195
65.9.71.11
65.9.71.76
65.9.71.78
65.9.71.98
66.155.71.150
67.202.105.31
67.202.105.32
67.202.114.212
72.251.241.196
005f3e7bfce70cad676e8dfec3b3f26d5ee5ac86dea6685baf113ea49521ec35
04af070efd135a17f439c8dab3a8a051ebc28bd7ee4e1852ed8f25a44acbaf01
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0930be5d4814debd3883d1db3b87b73ee46a9ed1588446b76a219cddc91601c7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c2bca311a0986d967ea1056a5953d9fa6dc78d71f5f1c8c145ff610073da331
0c649e281c6fac1b22f773bbbaaec51fae3f89c4f0654fc4545c4ed5d362f896
0e09310182015f9c19d5f5424cb0626b13fae231ef7fe198730a387dd989cac9
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
133e13c382aab95cbd5c7c1ec3c13ffebf59fa7f616ffa4e8714013d224e6178
175d9eb77519bcfb54f3028c851be267a2e004a8cecab54996a27840192233fc
1cb3ba8daa1b5370d6e7ca952e88c908e66b6c6454ab967eb397352e5e13e20e
200eb26540915e9089a970a62b387866ab63b142699d3abc7e5c465af60e3fb6
20e8f0d328ec511cf708ef6cae85f040f7ca014e44c97b60918d7b3b8d1091a4
2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
291d4a5613f03360fb3b8c02f67bb529f65118d1b4916ca2466901fe54a7abd9
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
312bb8edbb58347fb7db3db4f4c0c474645569a414f7d8a0f8f2fc735f875420
32dc78c7f0454566cd4c77bcbad9fa530157324510cf2505fcfcf7ad710d20c7
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
34a34664462d7495d15167582354e1b071be2aeab4bca512f3674ac1975cdec5
358f20eb35a83d3cb288a06b0f3db5c02edd63438d39c96ef69feef3d2df8da6
37df2e559b5e8a6dbe8254033036a03034fb1fd59a7a7cec1e67e6edf4598393
389c9480ba45a199bed640f4aec9503acdafe694c72a69be3f5a66e42972a6d7
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3c183a3dc935c6aaf870f88b842a044e18a65addc0f1970f3637d7d8b0058fc7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4345f9bbe4d6e3bcd1ca8941998ac20318f5ed0de620a162276cb3c9c4eb2b84
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fa298f1f5091e4f045c1ea60d1a15e73c2746409dd275c1e38bf4bca38b00b
461bfca3168213eb5c5606abc0b3da8b9d3cbd6b911881ba53ae7fc156cf13c5
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
49383b2c518dc45d578cd419c112576eed50b1bb63418e1671b8c7b9b9e0d42a
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
51c0c0229f08c6fdcc592b577ef9db475873eac81cf44c57290c4e4dfb413f7e
58e6a6986e3c458404ef954a4cd6866c09147901df56857d4623c22ad561ad85
5985a18268c0ebb932bf079b352fa74a9875342ee6edc881189e44df2077ed4b
5fd0c8c48720f7e73362dfa85d764eb01589a45ac555ac1680f6553d4dd75013
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
62e8f98796b8a2acc807ca3fc300487b06af0ea5bfdf81139e1bc0ff0f6f9fda
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
64ea972423868bb28d248dab927220508dd0b03dd6b64e3b1fb7b59bd80e7779
650a59f8754fe0924543123df4c4c61c663390a3e24d5a1de9843c6aed6b2db9
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
737bca8a4adf0208cec1019c09f6b55fd09cc3c9f4a48afb39db56efd4752b92
739431390f2b34dd5f5fa3de347b2c1e9a5d7d524634913467c0828dcc6336fc
73e246c734fc7fbdeb5b9247a4f755e7b8c8bfd3ef81c64a29964b50fa5c29a1
7654fb27ca4e2ea19152c40a4c5f42f83d704d004eebb30cdda9ca5bcf6d8938
786996a2ca15cb0f0aa1de05832d3ebdd581c92ef2acb313b0b8d843d35ab889
78d43f8d43a3fc2521fc2d84daca06f3f8f467442a5dbab8c301c4d8c46e71e5
79f7880444fe3f5348d0b34a38803248f1d147f85b7465296037f80decc495a5
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
81624e91d2552c17ce5b56a62626870c11ef9b3906d1347ea8bce6bf78e0611a
832f92edfa65c94575b1ee0f4228acc37dbbd2b0979afb6f1501f25729f1ce94
834ed72f9893ffbb6b642c51f8320012833e068d3180b5722b63e673fece8c93
86ae28dec3a4005e71d12015c9ca1f109b2b1b4e2dcae66600fa125ecbc0e51b
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eefa96a1c11a1e01e14761de828dd52922af9fe94e74c3ea6d944d00bd3e7c6
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
90a5a26f3e440a12b3c076c0c8e144e4de28aae14c9d95ff63c43381c58f7a9b
911927ae9af5b5dd6a4982a14f6a64673484283792e40f8dbbd6299e8e477fd1
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9e09fe8e31e20f70b2f887b34b8d744982ebe510729e93af5e4bacf265e430ba
9eced6b6ab8df866ccaf3604754c65045cc458b44486493794b08c2b12b94de3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a08a02dcd9ffae68ebb65b4a3735759aee3a370b0daffbed715699a971de7bdb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a33a72bb693a439fd43c49560204b82692ac53260c87bd037aad2199d2725cf1
a4f7f1f2d160f83c34243bc2a7d9fc2bdc2021e8b7b1dcb0a7a5eb35ad3ad309
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aefd464868198c4b81b1f82dfd173d7983ed0df1070adf6ef874fb47dd0e0a2e
b44bb446494a072d40152a83e79d25798aacf4e357ad9d0c7dd8edade64f350e
b67dcf67085c843f3fe4e9f675b79f8b97247405c03aa6815fe123793dcf53c7
b6d82f72ca5fd5fb17d58affef475fde8c8b26cb720c3d256f66143437ed5a09
b7a007dcd94bd19ad5b5553a35bf08b5b2c86f0e7f1febae78a14a6654a17329
b8f763dcd7c0590ce397a900595f2eac9f0a177f92033ed3903d52f364c21195
bc0f1be6053a40359ec68f0e348ac092e85902f6588269cdecb23c8fa243113d
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
c59da935f7b14f6718b1592f7d0f2992486b7fb28258047a0a05023d5d6785db
c5e90be34f0e072cea027dffd5c5022421f489b93054c6bbaf6183d150950cd6
c7d76d600e630aeaae6cbe922620a3481f84f08f028aceea05e417cf0e539eaf
c8cd6b2d06bc66636e694d672c771c23b684f104780e29fc78897d77d8ec9d96
c9bad412532a4b171bc459bf3613c95eebac756e6f030ff911c0146d1e51ac04
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ced442e95537f5b3c6548ea7b4f8e22737cb1ae5caf3acaa51ec74fa9195f0a8
cf05d8c2f87ceca048ad17e3fc3f3f6d81b42af0ac379b89bb18813adc23ddc1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfef27eaffdf7f003db652df73484b015b269c34f0ee42c96419c3f1656a2f05
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d326c21da3d3667b4050c40d959cfa0e8080a98f2cf6f79c9023b47ea54e128a
d3e80d08935a67814241f695a86aaa0ac0fab05f88f9085d971272fe823a30e7
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
d9d622b86d8469f47f57cc198a2a6e6b8a60196f9ad80fdece59a8a9b7e5d963
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
dd06b2a60080e41aa21e666ab6a71332123a523cd5f844321de13cac28ae749d
dd5a3050f58ca2c052f38fa7bafa204b7285c0ad72cf897f1632784b5a0c41d6
df40dbf7831bf73832151d295ad75602dfa2ae5303d0441266bd9553a325374b
e0d53555fec85575b4a9c4a395c4033aeb6fe3fbc205747f9dd26ed831518410
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e9280f67ebd600d854464a00a40615185785f16a4555a5897c1f7c03ad9d9c
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ee470a3afe3dac0b505d7c22d0507b8bc4d641411714381a13ff246b9be2f885
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3f1463a7ad022bf65eb276ff4e38feecbab9c77ca9d53a5d3749458c971a98
f34f544496da0f529ae4f73976120687beae5d97a67601e76da82f581e0b172c
f48b59a1640f4aca9db88b921426d81b03eee4621c977fce76f5e075ba2f1ce2
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
fe3e09f52041e4c00c3ce2d531d4bbd78a3a13047013f63692b80dbe97939905

www.viagrarem.com Open in urlscan Pro 2606:4700:3035::ac43:b6d8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

172 Requests

66 %HTTPS

39 %IPv6

59 Domains

73 Subdomains

46 IPs

7 Countries

45730 kBTransfer

47285 kBSize

42 Cookies

9 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.viagrarem.com Open in urlscan Pro
2606:4700:3035::ac43:b6d8 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

66 %
HTTPS

39 %
IPv6

59
Domains

73
Subdomains

46
IPs

7
Countries

45730 kB
Transfer

47285 kB
Size

42
Cookies

172 HTTP transactions
2 data transactions